ownCloud: Configure Strict Transport Security (HSTS) and Memory Cache

The “Strict Transport Security” HTTP header is not configured to at least “15552000” seconds. For enhanced security we recommend enabling HSTS as described in our security tips.

When you go to the Admin console, you might see Security and Setup Warnings after upgrading or enabling SSL in OwnCloud.

No memory cache has been configured and  The “Strict Transport Security” HTTP header is not configured warning messages. Here is how I managed to resolve it.

Strict Transport Security HTTP Header

The “Strict-Transport-Security” HTTP header is not configured to least “15768000” seconds. For enhanced security we recommend enabling HSTS as described in our security tips.

The instructions provided in their Security Documentation is good but here is a simplified solution

Access the SSl.conf file. To do this open the terminal and type:

/etc/apache2/sites-available/owncloud-ssl.conf

or

/etc/apache2/sites-available/default-ssl.conf 

Add the following snippet of code to the SSL.conf file as shown:

Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"

Enable module headers:

a2enmod headers

Restart your apache2 server.

sudo service apache2 restart

Memory Cache

No memory cache has been configured. to enhance your performance please configure a memcache if available. further information can be found in our documentation.

1. Open the Terminal and execute the following command:

sudo -s

You’ll be prompted to enter the root user password.

2. Now install php-apcu:

apt-get install php-apcu php-apcu-bc

3.Then install Nautilus to be able to edit the config.php file:

apt-get update

apt-get install gksu nautilus

if the previous command did not work the use:

apt-get install nautilus

Do not close the terminal.

4. Once nautilus has been installed press Alt+F2 on your keyboard to open the search.

Here search for gksu Nautilus and hit enter.

5. You’ll be prompted to enter admin password.

6. Once you enter the admin password the home screen will open, here go to + Other Locations -> computer. 

and  navigate to: /var/www/owncloud/config/config.php

7. Add the following line of text to the config.php file exactly like you see it on the image below:

‘memcache.local’ => ‘\OC\Memcache\APCu’,

8. Once you have added the line click Save. Then go back to the terminal and re-start apache2 by executing the following command:

sudo service apache2 restart

Done!! Go to the admin section of your owCloud instance and refresh, the warning should be removed. It should say All checks passed.

Video Tutorial:

Leave a Reply