How do I get A+ Qualys with HA Proxy?
In a nutshell...
Very similar to an A rating, the A+ rating can be achieved for your SSL server on Qualys by enabling HSTS (HTTP Strict Transport Security), for enhanced security. In short, HSTS enforces the browser to always use HTTPS once a certain response header is presented. This mitigates various SSL stripping attacks and also prevents the constant need to cipher clients from HTTP to HTTPS. There is another way to achieve an A+ and that is by adding DNSSEC (Domain Name System Security Extensions). You can either have HSTS, DNSSEC or both, but this would be done at the DNS (Domain Name System) level and not via the load balancer.
["If you're a technical person wanting to apply this in practice, email soluti[email protected] who will be happy to talk you through it"?]