I am at my wits end trying to fix this error however after spending the whole weekend on it, I am no further along.
I have NextCloud running in a Docker on my Synology DS916+. Everything is running great, I can access it remotely and have a Letsencrypt certificate installed.
My issue however is on the Overview page, I get the following error;
“The “Strict-Transport-Security” HTTP header is not set to at least “15552000” seconds. For enhanced security, it is recommended to enable HSTS as described…”
I have read every page relating to this error I can find along with the official documentation that NextCloud provides, but nothing seems to work. A number of pages make reference to amending the htaccess file in Apache, however I can not locate this, as my system would appear to be using Nginx.
Can anyone please point me in the right direction before I lose it.
Lastly, I have tried the command; curl -I https://yourdomain.com and I get the following (the last line however does show the Strict-Transport-Security max age as what it should be?
Apologies for the late reply, I ended up falling asleep trying to fix this.
Thought I would quickly try again before work.
I opened up the conf file you suggested and can confirm that all eight reverse proxy services are listed, including NextCloud. Unfortunately however, they all already have the above Strict Transport Security entries;