I am using Wordpress Bitnami via EC2 instance AWS. I installed SSL certificate.
Could you please tell me where I should add HTTP Strict Transport Security line in which file? I am new to it. I don't know if this line is correct for Bitnami.
Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
Any suggestion appreciated.
Bitnami Engineer here.
The lines to modify the HEADERS information for WordPress should be placed inside the "Directory" block of the /opt/bitnami/apps/wordpress/conf/httpd-app.conf file
...
<Directory /opt/bitnami/apps/wordpress/htdocs/>
...
Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
...
</Directory>
If you also need to modify the headers settings in different directories, you will need to add a new block for that directory and modify the headers setting
...
<Directory /opt/bitnami/apps/wordpress/htdocs/wp-admin>
...
Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
...
</Directory>
Then, you will need to restart Apache
sudo /opt/bitnami/ctlscript.sh restart apache