We have added HTTP Strict Transport Security (HSTS) in our haproxy configuration, but the scan for haproxy debug port 1974 still shows as “Not Offered”. Below is the snippet of the haproxy configuration for the same. Can you please guide what needs to be done here to make the HSTS work properly.
frontend haproxy_frontend
bind *:1974 ssl crt /usr/local/etc/cert.crt
http-response set-header Strict-Transport-Security “max-age=31536000; includeSubDomains; preload”
http-request add-header X-Forwarded-Proto https
redirect scheme https if !{ ssl_fc }
default_backend haproxy_backend
backend haproxy_backend
server srv01 haproxyserver:1974 resolvers docker_app-net
http-response replace-header Location (.)(\b:1974/\b)(.)$ \1:“$HAPROXY_PORT”/\3
http-response replace-header Location (?i)(.)(\b"$APP_IP"/)(.) \1"$APP_IP":“$HAPROXY_PORT”/\3
listen stats
bind *:1974 ssl crt /usr/local/etc/cert.crt
http-response set-header Strict-Transport-Security “max-age=31536000; includeSubDomains; preload”
stats enable
stats uri /
stats auth “$debugUserName”:“$debugPass”