Qlik Community

Ask a Question


Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team

Talk to Experts Tuesday: Live chat Aug. 24th 10 AM ET: Bring your Qlik Gold Client questions REGISTER TODAY

HTTP Strict Transport Security (HSTS) in Qlik Sense

Digital Support
Digital Support

HTTP Strict Transport Security (HSTS) in Qlik Sense

HTTP Strict Transport Security (HSTS) is an opt-in security enhancement which any web application can support through the use of a special response header. When a supported browser receives this header that browser will prevent any communication sent over HTTP in the future and will redirect all traffic over HTTPS instead. 

More details about HSTS can be found on https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html


  • Qlik Sense Enterprise June 2019 release and later 




In Qlik Sense, one can add additional HTTP response headers in the Virtual Proxy configuration to enforce HSTS

1. Open the Qlik Sense QMC

2. In the CONFIGURATION SYSTEM section,  click on Virtual Proxies

3. Select the Virtual Proxy profile for user access and click on Edit

3. Go to the Advanced section and in the field "Additional response headers" 

4. Enter the HSTS configuration setting applicable to your environment. i.e  Strict-Transport-Security: max-age=31536000;includeSubDomains;Preload

Vitural Proxy

5. HTTP to HTTPS must be enabled.

For additional information about http to https redirects, see

Sites to Confirm HSTS setup

Gov Site on HSTS  https://https.cio.gov/hsts/


Note: Qlik does NOT support the configuration or implementation of non-Qlik or Operating System related software. The above suggestion is an introduction to this topic, and if it does not work in your particular environment then please reach out internally to your IT team. If you need direct assistance, please contact your Account Owner to discuss purchasing Consulting Services. (see How to Contact the Consulting Team?)

Version history
Revision #:
5 of 5
Last update:
‎2021-02-23 04:12 AM
Updated by: