diff --git a/pom.xml b/pom.xml
index 6ac20221ba0f2b82e36acf743ec80fbd3cc92927..74649700ef1a2095ae7e9a95dc0494ad85b00238 100644
--- a/pom.xml
+++ b/pom.xml
@@ -24,7 +24,7 @@
 <modules>
 <module>smp-parent-pom</module>
 <module>smp-api</module>
- <module>smp-angular</module>
+ <!-- module>smp-angular</module -->
 <module>smp-server-library</module>
 <module>smp-webapp</module>
 </modules>
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java
index 1b318c4f317ac9b7c80a8ccbf6e79d22e12faee4..186d62e210db71ee4ac333f7c7bb5e86662c634a 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java
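Review bot: The smp-angular module is dropped from the reactor by turning its `<module>` element into a comment, with no record of why or whether the UI bundle is now produced elsewhere, so the next reader cannot tell if this is a temporary local change that leaked into the commit. The webapp changes in this same commit still serve `/index.html` and Angular deep-link routes, which suggests the UI is expected to exist. Either remove the element outright or replace the commented-out tag with an explanation, e.g. `<!-- smp-angular is not built here: [reason/ticket placeholder] -->`.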
@@ -63,10 +63,6 @@ public enum SMPPropertyEnum {
 UI_COOKIE_SESSION_SITE("smp.ui.session.strict","Lax","Controls whether a cookie is sent with cross-origin requests, providing some protection against cross-site request forgery attacks. Possible values are: Strict, None, Lax. (Cookies with SameSite=None require a secure context/HTTPS)!!)", false, false,false, SMPPropertyTypeEnum.STRING),
 UI_COOKIE_SESSION_PATH("smp.ui.session.path","","A path that must exist in the requested URL, or the browser won't send the Cookie header. Null/Empty value sets the authentication requests context by default. The forward slash (/) character is interpreted as a directory separator, and subdirectories will be matched as well: for Path=/docs, /docs, /docs/Web/, and /docs/Web/HTTP will all match", false, false,false, SMPPropertyTypeEnum.STRING),
-
-
-
-
 UI_COOKIE_SESSION_IDLE_TIMEOUT_ADMIN("smp.ui.session.idle_timeout.admin","300","Specifies the time, in seconds, between client requests before the SMP will invalidate session for ADMIN users (System)!", false, false,false, SMPPropertyTypeEnum.INTEGER),
 UI_COOKIE_SESSION_IDLE_TIMEOUT_USER("smp.ui.session.idle_timeout.user","1800","Specifies the time, in seconds, between client requests before the SMP will invalidate session for users (Service group, SMP Admin)", false, false,false, SMPPropertyTypeEnum.INTEGER),
 // SSO configuration
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SmpWebAppConfig.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SmpWebAppConfig.java
index 7641e5a6c0e25712c4f468191fcf91a7db025d29..adcc3c15ac2b8d7f463b6bd02be2836f267c376f 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SmpWebAppConfig.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SmpWebAppConfig.java
@@ -52,7 +52,7 @@ public class SmpWebAppConfig implements WebMvcConfigurer {
 public void addResourceHandlers(ResourceHandlerRegistry registry) {
 registry.setOrder(HIGHEST_PRECEDENCE)
- .addResourceHandler("/index.html", "/favicon-16x16.png").addResourceLocations("/static_resources/");
+ .addResourceHandler("/index.html", "/favicon.png", "/favicon.ico").addResourceLocations("/html/");
 registry.setOrder(HIGHEST_PRECEDENCE - 2) .addResourceHandler("/ui/rest/").addResourceLocations("/"); // ui rest resources
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SpringSecurityConfig.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SpringSecurityConfig.java
index 55367f59592a8a0fe5981710b27d56085b18678f..41d56537e86b85adf011fdc2dd1683739b61d15e 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SpringSecurityConfig.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SpringSecurityConfig.java
@@ -50,6 +50,7 @@ import org.springframework.security.web.firewall.DefaultHttpFirewall;
 import org.springframework.security.web.firewall.HttpFirewall;
 import org.springframework.security.web.session.HttpSessionEventPublisher;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.util.matcher.AnyRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
 import org.springframework.web.server.adapter.ForwardedHeaderTransformer;
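Review bot: The three paths registered on the new `.addResourceHandler("/index.html", "/favicon.png", "/favicon.ico")` line are also mapped by `RootController.getServiceGroup` in this same commit, which reads the same files from the classpath, so two independent mechanisms now answer the same URLs and whichever wins depends on handler-mapping order. The location `"/html/"` has no prefix and, as far as I can tell, is resolved against the servlet context root rather than the classpath, whereas the controller (and the files added under src/main/resources/html) use the classpath; if the servlet context has no `/html/` directory this handler never finds anything and the duplication only hides that. Keep one mechanism and record the decision next to this registration, e.g. `// index.html and the favicons are served from the classpath by RootController; this list must match its @GetMapping values`, or use `classpath:/html/` if the resource handler is the one meant to serve them. addResourceHandlers continues outside the hunk.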
@@ -128,7 +129,7 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
 ExceptionHandlingConfigurer<HttpSecurity> exceptionHandlingConfigurer = httpSecurity.exceptionHandling();
 if (configurationService.isCasEnabled()) {
- LOG.info("REGISTER casAuthenticationEntryPoint: [{}]", casAuthenticationEntryPoint);
+ LOG.debug("The CAS authentication is enabled. Set casAuthenticationEntryPoint!");
 exceptionHandlingConfigurer = exceptionHandlingConfigurer.defaultAuthenticationEntryPointFor(casAuthenticationEntryPoint, new AntPathRequestMatcher(SMP_SECURITY_PATH_CAS_AUTHENTICATE));
 }
 exceptionHandlingConfigurer.authenticationEntryPoint(new SpringSecurityExceptionHandler());
@@ -142,16 +143,29 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
 .and();
 if (configurationService.isCasEnabled()) {
+ LOG.debug("The CAS authentication is enabled. Add CAS filter!");
 httpSecurity = httpSecurity.addFilter(casAuthenticationFilter);
 }
 // set HstsMAxAge
 Integer maxAge = configurationService.getHttpHeaderHstsMaxAge();
- if (maxAge!=null) {
- httpSecurity
- .headers()
+ if (maxAge == null || maxAge < 0){
+ LOG.info("The httpStrictTransportSecurity (HSTS) policy is set for HTTPS/1Y!" );
+ httpSecurity = httpSecurity.headers()
 .httpStrictTransportSecurity()
 .includeSubDomains(true)
- .maxAgeInSeconds(maxAge);
+ .preload(false)
+ .maxAgeInSeconds(31536000).and().and();
+ }else if ( maxAge == 0){
+ LOG.warn("The httpStrictTransportSecurity (HSTS) policy is disabled!" );
+ httpSecurity = httpSecurity.headers().httpStrictTransportSecurity().disable().and();
+ } else {
+ LOG.info("The httpStrictTransportSecurity (HSTS) policy is set to [{}] for http and https!",maxAge );
+ httpSecurity = httpSecurity.headers()
+ .httpStrictTransportSecurity()
+ .includeSubDomains(true)
+ .preload(false)
+ .maxAgeInSeconds(maxAge)
+ .requestMatcher(AnyRequestMatcher.INSTANCE).and().and();
 }
 httpSecurity.addFilter(blueCoatAuthenticationFilter)
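Review bot: In the HSTS hunk a negative `maxAge` is silently folded into the one-year default by `if (maxAge == null || maxAge < 0)` and logged at INFO as if it were the unset case, while `maxAge == 0` calls `.disable()`, which stops emitting the Strict-Transport-Security header altogether; per RFC 6797 a `max-age=0` header is what tells a browser to drop a policy it already cached, so "disabled" and "max-age 0" are not interchangeable and the property's documentation should say which one the operator gets. A misconfigured negative value deserves its own branch or at least `LOG.warn("Invalid HSTS max-age [{}], falling back to one year!", maxAge);` instead of the shared INFO line. The explicit branch also adds `.requestMatcher(AnyRequestMatcher.INSTANCE)` (header on every response, including plain HTTP) but the default branch does not, so the two branches emit the header under different conditions and `includeSubDomains(true)` is applied unconditionally in both — a one-line comment stating that the policy intentionally covers all subdomains would help the next reader. The enclosing configure method starts and ends outside the hunk.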
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/RootController.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/RootController.java
index d51f36339ecfb808a8977b0dcf2c1d86be42584d..576b07c14e4f7cbd8221e2893149d1da74c8b71e 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/RootController.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/RootController.java
@@ -25,6 +25,7 @@ import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.ModelAndView;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import static org.springframework.core.Ordered.HIGHEST_PRECEDENCE;
@@ -48,20 +49,26 @@ public class RootController {
 return new ModelAndView("redirect:/index.html", model);
 }
- @GetMapping( produces = {MediaType.TEXT_HTML_VALUE, MediaType.IMAGE_PNG_VALUE},
- value={ "/index.html", "/favicon-16x16.png"})
+ @GetMapping( produces = {MediaType.TEXT_HTML_VALUE,
+ MediaType.IMAGE_PNG_VALUE,
+ "image/ico","image/x-ico"
+},
+ value={ "/index.html","/favicon.png","/favicon.ico"})
 @Order(HIGHEST_PRECEDENCE)
- public byte[] getServiceGroup(HttpServletRequest httpReq) throws IOException {
+ public byte[] getServiceGroup(HttpServletRequest httpReq, HttpServletResponse httpRes) throws IOException {
 String host = httpReq.getRemoteHost();
 LOG.businessInfo(SMPMessageCode.BUS_HTTP_GET_END_STATIC_CONTENT,host,httpReq.getPathInfo());
- String value = httpReq.getServletPath();
- if(value!=null && value.endsWith("favicon-16x16.png")){
- return IOUtils.readBytesFromStream(RootController.class.getResourceAsStream("/html/favicon-16x16.png"));
- }else {
+ String value = httpReq.getPathInfo();
+ if(value!=null && value.endsWith("favicon.png")){
+ httpRes.setContentType("image/x-ico");
+ return IOUtils.readBytesFromStream(RootController.class.getResourceAsStream("/html/favicon.png"));
+ }else if(value!=null && value.endsWith("favicon.ico")){
+ httpRes.setContentType(MediaType.IMAGE_PNG_VALUE);
+ return IOUtils.readBytesFromStream(RootController.class.getResourceAsStream("/html/favicon.ico"));
+ } else {
 return IOUtils.readBytesFromStream(RootController.class.getResourceAsStream("/html/index.html"));
 }
 }
-
 /**
 * redirect angular pages to index.html
 * solve the 404 error on refresh
diff --git a/smp-webapp/src/main/resources/html/favicon-16x16.png b/smp-webapp/src/main/resources/html/favicon-16x16.png
deleted file mode 100644
index 3d21e2c812117e7de63d45621f8991391acfe9fc..0000000000000000000000000000000000000000
Binary files a/smp-webapp/src/main/resources/html/favicon-16x16.png and /dev/null differ
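Review bot: The two new `setContentType` calls are swapped: the `favicon.png` branch sets `"image/x-ico"` and the `favicon.ico` branch sets `MediaType.IMAGE_PNG_VALUE`, so each file is declared as the other's format; the PNG branch should set `MediaType.IMAGE_PNG_VALUE` and the ICO branch a registered icon type such as `"image/x-icon"` (the value the old index.html used), and the `"image/ico","image/x-ico"` entries in `produces` are not registered media types either. The switch from `getServletPath()` to `getPathInfo()` looks risky: depending on how the DispatcherServlet is mapped, `getPathInfo()` can be null for these requests, in which case every favicon request falls through and index.html is returned as the icon body — worth confirming against the servlet mapping. `getResourceAsStream` returns null when the resource is missing, which the call chain does not guard, and whether `IOUtils.readBytesFromStream` closes the stream is not visible here; a short comment on the method stating that it serves classpath-bundled static entry points and which paths it owns would also help, since the same paths are registered as a resource handler in SmpWebAppConfig.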
diff --git a/smp-webapp/src/main/resources/html/favicon.ico b/smp-webapp/src/main/resources/html/favicon.ico
new file mode 100644
index 0000000000000000000000000000000000000000..650f74d68e1ad93bcf0497cd27b2c3af43c6338d
Binary files /dev/null and b/smp-webapp/src/main/resources/html/favicon.ico differ
diff --git a/smp-webapp/src/main/resources/html/favicon.png b/smp-webapp/src/main/resources/html/favicon.png
new file mode 100644
index 0000000000000000000000000000000000000000..0afb5fecb8f14c4619d1734b2df25809281e1e9f
Binary files /dev/null and b/smp-webapp/src/main/resources/html/favicon.png differ
diff --git a/smp-webapp/src/main/resources/html/index.html b/smp-webapp/src/main/resources/html/index.html
index 1c50bf0ec960970ce0db2f2b85f1b65f27a1bd64..f6dd59ac8818f79dc744b01c2997becf53926e51 100644
--- a/smp-webapp/src/main/resources/html/index.html
+++ b/smp-webapp/src/main/resources/html/index.html
@@ -1,5 +1,5 @@
 <!--
- ~ Copyright 2017 European Commission | CEF eDelivery
+ ~ Copyright 2017-2022 European Commission | CEF eDelivery
 ~
 ~ Licensed under the EUPL, Version 1.2 or – as soon they will be approved by the European Commission - subsequent versions of the EUPL (the "Licence");
 ~ You may not use this work except in compliance with the Licence.
@@ -14,9 +14,8 @@
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge" />
 <title>SMP</title>
- <link rel="icon" type="image/x-icon" href="/favicon.ico">
+ <link rel="icon" type="image/x-ico" href="favicon.ico">
 <style type="text/css">
 body { font-family: Arial, Helvetica, sans-serif; }
 a, a:link, a:visited, a:hover, a:active { color: blue; }
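Review bot: The new `<link rel="icon" type="image/x-ico" href="favicon.ico">` replaces the registered type `image/x-icon` with `image/x-ico`, which is not a registered media type, and turns the absolute `/favicon.ico` into a relative reference that resolves against the current document URL. This page is also served for Angular deep-link routes (the RootController comment in this commit says refreshes are redirected to index.html), so on a nested route the browser would request the icon under that route's path rather than at the root where RootController and the resource handler map it — hedged, as the exact routing is not visible here. If the intent is to work under a non-root context path, say so in a comment on the link element; otherwise `<link rel="icon" type="image/x-icon" href="/favicon.ico">` keeps the request where the server expects it.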