Azure App Service on Linux images using PHP 8.x are now bundled with NGINX instead of Apache. The use of .htaccess files will not work for NGINX as these are used for Apache only. This will require the need to setup a custom startup script and modifying the existing NGINX site configuration.
Navigate to your App Service via the Azure Portal. Under the Development Tools section, select SSH then Go -->.
Modifying the default site config
You will want to make a copy of the existing configuration and place the file inside the /home/site directory.
cp /etc/nginx/sites-available/default /home/site/defaultOnce you created a default page as in the previous step, please update the location block to add HSTS Header and create the custom startup script as mentioned below
location / {
index index.php index.html index.htm hostingstart.html;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
}
Creating the custom startup script
You will now need to create a custom startup script and save the file as /home/site/startup.sh
#!/bin/bash
cp /home/site/default /etc/nginx/sites-available/default
service nginx reloadIn the custom startup script, we are doing the following:
- Overriding the existing
/etc/nginx/sites-available/defaultfile with the/home/site/defaultfile. - Reloading the NGINX service to make the updates take effect.
Updating the application settings
Navigate back to your App Service via the Azure Portal. Under the Settings section, select Configuration.
Go over to the General Settings section of the Configuration blade.
For the Startup Command enter the following: /home/site/startup.sh
Save these settings and navigate to your application https://{sitename}.azurewebsites.net/
Please refer to the document https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/