How to enable HTTP Strict-Transport-Security (HSTS) in Continuity Engine Management Service
Summary
This Knowledgebase article provides information about how to enable HTTP Strict-Transport-Security (HSTS) in Continuity Engine Management Service.
HSTS is a mechanism that allows websites to declare that they can only be accessed via a secure connection (HTTPS). The mechanism is specified by RFC 6797, and it uses the Strict-Transport-Security response header to inform user agents (UAs) about the secure policy required by the website.
Procedure
To enable HTTP Strict-Transport-Security (HSTS):
On the Engine Management Server:
- Stop the Neverfail Engine Management Web Services service.
- Open the configuration file "C:\Program Files\Neverfail\tomcat\apache-tomcat-x.x.xx\conf\web.xml" in a text editor.
- Search for the httpHeaderSecurity filter and update its values as shown below (make sure you also uncomment the filter):
<filter>
    <filter-name>httpHeaderSecurity</filter-name>
    <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
    <async-supported>true</async-supported>
    <init-param>
        <param-name>hstsEnabled</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>hstsMaxAgeSeconds</param-name>
        <param-value>31536000</param-value>
    </init-param>
    <init-param>
        <param-name>hstsIncludeSubDomains</param-name>
        <param-value>true</param-value>
    </init-param>
</filter>
- Locate the "httpHeaderSecurity" filter-mapping section and uncomment it. The resulting text should look like this:
<filter-mapping>
    <filter-name>httpHeaderSecurity</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>
- Save the file and start the Neverfail Engine Management Web Services service.
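One way to check the edited web.xml for the settings above, as an added example that is not part of the original article or the product: a PowerShell function that reports when the httpHeaderSecurity filter or its mapping is still commented out or carries different values. The function name Get-HstsConfigFinding and the sample XML are constructed for illustration.

```powershell
# Added example: audit a Tomcat web.xml for the HSTS settings from this article.
# Get-HstsConfigFinding is a hypothetical helper name, not a product cmdlet.
function Get-HstsConfigFinding {
    param([Parameter(Mandatory)][xml]$WebXml)
    $expected = [ordered]@{
        hstsEnabled           = 'true'
        hstsMaxAgeSeconds     = '31536000'
        hstsIncludeSubDomains = 'true'
    }
    $findings = @()
    # Property navigation skips XML comments, so a filter that is still
    # commented out does not appear in the result.
    $filter = @($WebXml.'web-app'.filter) |
        Where-Object { $_.'filter-name' -eq 'httpHeaderSecurity' }
    if (-not $filter) {
        $findings += 'filter httpHeaderSecurity is missing or still commented out'
    } else {
        foreach ($name in $expected.Keys) {
            $param = @($filter.'init-param') | Where-Object { $_.'param-name' -eq $name }
            if (-not $param) {
                $findings += "init-param $name is not set"
            } elseif ($param.'param-value'.Trim() -ne $expected[$name]) {
                $findings += "init-param $name is '$($param.'param-value')', expected '$($expected[$name])'"
            }
        }
    }
    $mapping = @($WebXml.'web-app'.'filter-mapping') |
        Where-Object { $_.'filter-name' -eq 'httpHeaderSecurity' }
    if (-not $mapping) {
        $findings += 'filter-mapping httpHeaderSecurity is missing or still commented out'
    } elseif (@($mapping.'url-pattern') -notcontains '/*') {
        $findings += 'filter-mapping httpHeaderSecurity does not cover /*'
    }
    return $findings
}

# Constructed sample: max-age differs, one parameter is absent, and the
# filter-mapping is still inside a comment.
$sample = @'
<web-app>
  <filter>
    <filter-name>httpHeaderSecurity</filter-name>
    <init-param><param-name>hstsEnabled</param-name><param-value>true</param-value></init-param>
    <init-param><param-name>hstsMaxAgeSeconds</param-name><param-value>0</param-value></init-param>
  </filter>
  <!-- <filter-mapping><filter-name>httpHeaderSecurity</filter-name><url-pattern>/*</url-pattern></filter-mapping> -->
</web-app>
'@
Get-HstsConfigFinding -WebXml $sample
```

To audit the real file, pass `[xml](Get-Content -Raw <path to conf\web.xml>)` as `-WebXml`; an empty result means all three parameters and the mapping match the values in this article.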
The edited settings will add the following 3 values to the EMS API response headers:
Applies to
Neverfail Continuity Engine Management Service up to v15