https://community.checkpoint.com/t5/General-Topics/HSTS-Missing-From-HTTPS-Server-Serv/m-p/97683#M19156 <P>Missing HSTS is a cosmetic issue here. Gaia only allows HTTPS TLS connectivity in any case. However, if you want it fixed, please follow&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/7">@PhoneBoy</a>'s directions&nbsp;</P> Mon, 28 Sep 2020 07:27:39 GMT _Val_ 2020-09-28T07:27:39Z https://community.checkpoint.com/t5/General-Topics/HSTS-Missing-From-HTTPS-Server-Serv/m-p/97593#M19147 <P>Our checkpoint gateways is hosted in google cloud environment which uses r80.10. This is our first time to encounter an "<SPAN class="markgy60czv49">HSTS</SPAN><SPAN>&nbsp;Missing From HTTPS Server" vulnerability which came from the result of our vulnerability scanner. It targets the service 443 which I assume more on the gaia web. Could you kindly assist me on how can I find the configuration of this HSTS in either management server or gateway. Has anyone also tried to fix this in your checkpoint that are hosted also in a cloud environment.&nbsp;</SPAN></P> Sat, 26 Sep 2020 15:13:37 GMT https://community.checkpoint.com/t5/General-Topics/HSTS-Missing-From-HTTPS-Server-Serv/m-p/97593#M19147 keydee 2020-09-26T15:13:37Z https://community.checkpoint.com/t5/General-Topics/HSTS-Missing-From-HTTPS-Server-Serv/m-p/97676#M19154 <P>Install the latest jumbo hotfix, which includes this configuration, or upgrade to a later version.<BR /><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk121795" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk121795</A>&nbsp;</P> Mon, 28 Sep 2020 04:28:07 GMT https://community.checkpoint.com/t5/General-Topics/HSTS-Missing-From-HTTPS-Server-Serv/m-p/97676#M19154 PhoneBoy 2020-09-28T04:28:07Z https://community.checkpoint.com/t5/General-Topics/HSTS-Missing-From-HTTPS-Server-Serv/m-p/97683#M19156 <P>Missing HSTS is a cosmetic issue here. Gaia only allows HTTPS TLS connectivity in any case. However, if you want it fixed, please follow&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/7">@PhoneBoy</a>'s directions&nbsp;</P> Mon, 28 Sep 2020 07:27:39 GMT https://community.checkpoint.com/t5/General-Topics/HSTS-Missing-From-HTTPS-Server-Serv/m-p/97683#M19156 _Val_ 2020-09-28T07:27:39Z