- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The remote web server is not enforcing HSTS
Hello,
When I scanned my Ubuntu server for vulnerability I found: "The remote web server is not enforcing HSTS, as defined by RFC 6797". It affected Port:8010 which used by FortiGate to authenticate.
I am not sure how to fix it: Did I need to change my Ubuntu or my Fortigate configuration.
Best Regars
- Labels:
-
FortiClient
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Chaker2002 ,
I didn't clearlt get your issue with ubuntu server and its relation with Fortigate Firewall. But please check below article and see if this helps you anyway.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-HSTS-enforcement/ta-p/196465
If not please share more details about the setup so we could help you here.
Best Regards,
Saneesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your scan passed the Fortigate, which has this port open for Web Filtering override with authentication. If you are managing this Fortigate, you can close this port in Local-in policy.
Regarding the port 8010, you can read more here https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-disable-TCP-ports-8008-8010-8015-an...
