Menu
▾
▴
Re: [webmin-l] webmin uses HSTS?
|
From: Galen J. <Gal...@sa...> - 2017-03-28 04:33:16
|
If you are using Chrome, you can remove the domain from HSTS by going to chrome://net-internals#hsts but this is temporary and will reset the next time you hit that domain. If you want to see where it is being set, look in your web server config for a line similar to: Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"? =G= ________________________________ From: Yehuda Katz <ye...@ym...> Sent: Monday, March 27, 2017 7:06 PM To: Webmin users list Subject: Re: [webmin-l] webmin uses HSTS? You are probably getting that because the main domain uses HSTS. HSTS doesn't care that you went to a different port. You can often go to the IP address of the machine instead to get around this. - Y On Mon, Mar 27, 2017 at 6:52 PM, Jamie Cameron <jca...@we...<mailto:jca...@we...>> wrote: On 27/Mar/2017 09:25 Pat Erler <pe...@gm...<mailto:pe...@gm...>> wrote .. > I have a webmin (virtualmin actually) server which has an invalid > certificate. normaly you click (in chrome) something like "continue > anyways". no i get on this server: > > You cannot visit domain.com<http://domain.com> e at the moment because the website uses HSTS. > Network errors and attacks are usually temporary, so this page will > probably work late > > how can I disable HSTS in webmin? We don't actually specifically do anything in Webmin to enable HSTS. Do you have any custom ciphers set? ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot - Forwarded by the Webmin mailing list at web...@li...<mailto:web...@li...> To remove yourself from this list, go to http://lists.sourceforge.net/lists/listinfo/webadmin-list |
