Security

Is it possible to configure Splunk to support HTTP Strict Transport Security (HSTS)?

Explorer

Hi,

We have a requirement from our security team to have Splunk support HSTS feature. Can this be done?

I have seen configuration for other servers like Apache 2 at https://raymii.org/s/tutorials/HTTP_Strict_Transport_Security_for_Apache_NGINX_and_Lighttpd.html

How can we configure Splunk server to support it?

Please let me know.

Thanks,

-Amol

Labels (1)
0 Karma

Path Finder

In case anyone else is wondering the answer to this question, there is now a way to do this deployment-wide as of version 4.*

Set the following flag globally in $SPLUNK_HOME/etc/system/local/web.conf (under [settings] stanza) and in $SPLUNK_HOME/etc/system/local/server.conf (in [default] stanza):

sendStrictTransportSecurityHeader = true
0 Karma

Motivator

If you want to add custom headers to Splunk, your best bet is probably to front-end Splunk with Apache or Nginx. Also note that if you enable SSL on Splunkweb, there is no non-ssl port.

https://answers.splunk.com/answers/5465/how-to-access-splunk-web-interface-behind-nginx.html

0 Karma