How to enable HSTS (HTTP Strict Transport Security)

To make it easier to get in touch with us, from the 24th of March 2016 all support tickets will need to be submitted from your Crucial Control Panel.

HSTS is a tool that tells browsers to only use SSL for all future requests to a website. It strengthens SSL by preventing many common attacks against it (such as protocol attack and cookie hijacking).

 

Enabling HSTS is simple

 

Step 1 - Access and edit your .htaccess file. Click here for a guide if you're unsure how to do that.

 

Step 2 - Add this line to the top of the file:

 

Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

 

Step 3 - Hit Save Changes on the top right of the screen

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk