Our video tutorial explains how to configure HSTS – HTTP Strict Transport Security on F5 Appliance. There are 2 options available to configure
Option 1 is using iRule
Option 2 is using HTTP Profile, however this option is available from Version 12 onwards.
Using iRule option, configure following iRule and attach to HTTPS Virtual Server and not HTTP
when RULE_INIT {
set static::expires [clock scan “1 day”]
}
when HTTP_RESPONSE {
HTTP::header insert Strict-Transport-Security “max-age=[expr {$static::expires – [clock seconds]}]; includeSubDomains”
}
