Knowledge Base

How to enable HTTP Strict Transport Security or HSTS?

*Note: Your website must have an active and functioning SSL certificate installed in order to use HTTP Strict Transport Security or HSTS. If you do not already have SSL installed, you will need to do that first ortherwise your visitors will receive an error.

To enable HSTS on your website, the following must be added to your .htaccess file:

Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

Please rate this article to help us improve our Knowledge Base.

0 0