Wowza Community

HSTS for Streaming Engine

Is there a way to enable HSTS for the Streaming Engine? It is mentioned in the docs for enabling HTTPS for the Manager (, but I couldn’t find anything in the docs for the Streaming Engine.

Hi @Erwin_Eggenberger1,

You can add custom headers to HTTP responses via the following property

Name: httpUserHTTPHeaders
Path: /Root/Application/HTTPStreamer
Type: String
Value: Key:Value

(where Key:Value = the header to add)

You can add multiple headers by delimiting them with the pipe (|) character.

You can optionally only add headers for particular playback types by changing the name to [lower-case-protocol-type]UserHTTPHeaders, e.g. for Apple HLS that would be cupertinoUserHTTPHeaders.

Here is an example

strict-transport-security: max-age=31536000; includeSubDomains

Do note though that adding this HTTPStreamer property httpUserHTTPHeaders with the value of Strict-Transport-Security: max-age=31536000; includeSubDomains will impact all HTTP requests to that application (i.e. they would all have to be over HTTPS once the cookie is set on the client-side).

Thanks, that works for applications. Should that also work for HTTPProviders? When I look at it seems to be possible to set properties for providers, or even globally, but that didn’t seem to work with a httpUserHTTPHeaders property.