I’m running a nextcloud installation in a web space of ionos (former 1&1). In the settings section I got the message
Der "Strict-Transport-Security“-HTTP-Header ist nicht auf mindestens "15552000“ Sekunden eingestellt. Für mehr Sicherheit wird das Aktivieren von HSTS empfohlen, wie es in den Sicherheitshinweisen erläutert ist.
I read the instruction - there is written that I have to edit die virtualhost file of apache. I can’t do that because I have a web space packagehosted at IONOS.
I found some forum threads/articles where is suggested to edit the .htaccess.
So added the following block in .htaccess file in the nextcloud root directory:
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" env=HTTPS
Unfortunately this modification has no effect.
I also tried a lot of similar codes - all of them don’t work.
Does someone has an idea how to solve this issue?
Thanks in advanced for your help!