Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Chaker2002
New Contributor

Created on ‎07-01-2024 02:11 PM

The remote web server is not enforcing HSTS

Hello,
When I scanned my Ubuntu server for vulnerability I found: "The remote web server is not enforcing HSTS, as defined by RFC 6797". It affected Port:8010 which used by FortiGate to authenticate.
I am not sure how to fix it: Did I need to change my Ubuntu or my Fortigate configuration.

Best Regars

Labels:
1312
0 Kudos
2 REPLIES 2
saneeshpv_FTNT
Staff
Staff

Created on ‎07-01-2024 10:44 PM

Hi @Chaker2002 ,

 

I didn't clearlt get your issue with ubuntu server and its relation with Fortigate Firewall. But please check below article and see if this helps you anyway.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-HSTS-enforcement/ta-p/196465

 

If not please share more details about the setup so we could help you here.

 

Best Regards,

Saneesh

1265
Yurisk
SuperUser
SuperUser

Created on ‎07-02-2024 06:41 AM

Your scan passed the Fortigate, which has this port open for Web Filtering override with authentication. If you are managing this Fortigate, you can close this port in Local-in policy. 

Regarding the port 8010, you can read more here https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-disable-TCP-ports-8008-8010-8015-an... 

 

Yuri Slobodyanyuk
Yuri Slobodyanyuk
1230
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.