How to configure your server for Client Hints
Client Hints are a set of HTTP request headers that provide useful information to a server about the connecting client such as device type and network conditions. This then allow a server to optimize the content that is served back to the client.Unlike the traditional "User Agent String", Client Hints provide a more efficient and privacy preserving way of retrieving the desired information.
Whilst the "User Agent String" is presented to servers automatically, a web server needs to proactively request the client hint headers they are interested in. The connecting client can then include the requested headers in subsequent requests.
MIDAS (v4.36+) utilizes Client Hint headers in order to be able to determine the specific operating system version and type of device a client is connecting from.
This information is then used to provide users with automated notifications whenever a new or unfamiliar device logs in to their MIDAS account.
Our cloud-hosted client servers are already configured to transparently request the necessary Client Hint headers.
For self-hosted customers however, a small server configuration change will be necessary in order to take advantage of these improvements to device detection in MIDAS v4.36+.
Essentially, you'll need to configure your web server to send the following three HTTP headers with every response:
- "
Accept-CH" (Accept Client Hints - Ask the browser to send these hints on subsequent requests) - "
Critical-CH" (Critical Client Hints - Ask the browser to send these hints ASAP) - "
Permissions-Policy" (Permissions Policy - Allow these hints to be sent to your server)
Here's how to configure your webserver to send this custom Client Hint HTTP headers:
How to configure Apache to send custom Client Hint HTTP headers
With the "mod_headers" Apache module enabled, you can add the following lines either to the server's httpd.conf file, or to the .htaccess file for the location where your MIDAS system is installed:Header always set Accept-CH "Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-UA-Form-Factors"
Header always set Critical-CH "Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-UA-Form-Factors"
Header always set Permissions-Policy "ch-ua=(self), ch-ua-full-version-list=(self), ch-ua-platform=(self), ch-ua-platform-version=(self), ch-ua-mobile=(self), ch-ua-model=(self), ch-ua-arch=(self), ch-ua-form-factors=(self)"
How to configure IIS to send a custom Client Hint HTTP header
- Open Internet Information Services (IIS) Manager.
- In the connections pane, expand the node for the server, and then expand Sites.
- Select the web site where you want to add the custom HTTP response header.
- In the web site pane, double-click HTTP Response Headers in the IIS section.
- In the actions pane, select Add.
- In the Name box, type the custom HTTP header name, "
Accept-CH". - In the Value box, type the custom HTTP header value, "
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-UA-Form-Factors". - Select OK.
- In the actions pane, select Add.
- In the Name box, type the custom HTTP header name, "
Critical-CH". - In the Value box, type the custom HTTP header value, "
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-UA-Form-Factors". - Select OK.
- In the actions pane, select Add.
- In the Name box, type the custom HTTP header name, "
Permissions-Policy". - In the Value box, type the custom HTTP header value, "
ch-ua=(self), ch-ua-full-version-list=(self), ch-ua-platform=(self), ch-ua-platform-version=(self), ch-ua-mobile=(self), ch-ua-model=(self), ch-ua-arch=(self), ch-ua-form-factors=(self)". - Select OK.
← Return to the Knowledge Base