How do you enable HTTP Strict Transport Security (HSTS)? - Powered by Kayako Help Desk Software

Knowledgebase

18Billing Downloads 147Web Hosting 8Domain Names 32Pre-Sales Questions 4Abuse 18Virtual Private Servers 26PHP / Programming 19Client Area

Knowledgebase: Web Hosting

How do you enable HTTP Strict Transport Security (HSTS)?

Posted by Tony B. on 02 November 2017 09:41 AM

HTTP Strict Transport Security (HSTS) informs all user agents that they should only communicate with the web server using HTTPS. This can be used to prevent some attacks that downgrade connections from HTTPS to HTTP. All our servers support the ability to enable HSTS on either your entire account or just an individual domain. You can do this by adding the following to your domains .htaccess file:

Header always set Strict-Transport-Security "max-age=31536000" Header always set Strict-Transport-Security "max-age=31536000"

This header tells the client that interactions with the configured sites should always use HTTPS for one year (31536000 seconds).

(2 vote(s))

Helpful

Not helpful

Comments (0)

Post a new comment Reply to comment
Post a new comment Reply to comment

Full Name:
Email:
Comments:

CAPTCHA Verification
CAPTCHA Verification

Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).

Help Desk Software by Kayako