Knowledgebase: Web Hosting
How do you enable HTTP Strict Transport Security (HSTS)?
Posted by Tony B. on 02 November 2017 02:41 PM
HTTP Strict Transport Security (HSTS) informs all user agents that they should only communicate with the web server using HTTPS. This can be used to prevent some attacks that downgrade connections from HTTPS to HTTP.  All our servers support the ability to enable HSTS on either your entire account or just an individual domain.  You can do this by adding the following to your domains .htaccess file:
Header always set Strict-Transport-Security "max-age=31536000" Header always set Strict-Transport-Security "max-age=31536000" 


This header tells the client that interactions with the configured sites should always use HTTPS for one year (31536000 seconds).

(0 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).