Web Hosting Knowledge Base Web Hosting Knowledge Base
  • Home
Get Started
Web Hosting Knowledge Base Web Hosting Knowledge Base
Get Started
Web Hosting Knowledge Base Web Hosting Knowledge Base
  • Home
loading
  1. Home
  2. Security
  3. How to manage HTTP Strict Transport Security (HSTS) for your site
Updated on June 21, 2024

Security

  • Folder icon closed Folder open iconWhat is KernelCare?
  • Folder icon closed Folder open iconHow to help prevent spam in cPanel
  • Folder icon closed Folder open iconHow To Prevent Outgoing Email From Being Marked As Spam
  • Folder icon closed Folder open iconHow To Secure Your WordPress Site
  • Folder icon closed Folder open iconAn introduction to SSL
  • Folder icon closed Folder open iconHow to install a third-party SSL certificate
  • Folder icon closed Folder open iconHow to install an Organization Verified SSL certificate
  • Folder icon closed Folder open iconHow to install a Domain Verified SSL certificate
  • Folder icon closed Folder open iconHow to renew an SSL certificate
  • Folder icon closed Folder open iconHow to redirect visitors to SSL connections
  • Folder icon closed Folder open iconHow to use www and non-www domains with an SSL certificate
  • Folder icon closed Folder open iconHow To Find SSL Certificate Fingerprints
  • Folder icon closed Folder open iconHow to generate a private key and CSR from the command line
  • Folder icon closed Folder open iconHow to fix mixing of secure and insecure content on a web page
  • Folder icon closed Folder open iconHow to install an SSL certificate site seal
  • Folder icon closed Folder open iconSSL certificates and Server Name Indication (SNI) support
  • Folder icon closed Folder open iconHow to determine the OpenSSL version
  • Folder icon closed Folder open iconHow to secure an unmanaged server with a Let's Encrypt SSL certificate
  • Folder icon closed Folder open iconDifferences between Let's Encrypt certificates and traditional CA-issued certificates
  • Folder icon closed Folder open iconHow to manage HTTP Strict Transport Security (HSTS) for your site
  • Folder icon closed Folder open iconHow to install a self-signed SSL certificate
  • Folder icon closed Folder open iconDifferences between a cPanel certificate and a traditional CA-issued certificate
  • Folder icon closed Folder open iconWhere are SSL certificates from DigiCert, Sectigo, and cPanel banned?
  • Folder icon closed Folder open iconWhere are Comodo SSL certificates banned?
  • Folder icon closed Folder open iconPerpetual Security information
  • Folder icon closed Folder open iconHow to secure an unmanaged server
  • Folder icon closed Folder open iconHow to repair and secure a hacked site
  • Folder icon closed Folder open iconHow to help prevent spam
  • Folder icon closed Folder open iconHow to create a strong password
  • Folder icon closed Folder open iconHow to install server updates
  • Folder icon closed Folder open iconHow to harden a server with fail2ban
  • Folder icon closed Folder open iconHow to fix the Heartbleed vulnerability on unmanaged servers
  • Folder icon closed Folder open iconUnderstanding software vulnerabilities and protecting your account
  • Folder icon closed Folder open iconHow to protect yourself from email phishing scam attempts
  • Folder icon closed Folder open iconHow to generate Google reCAPTCHA keys for site security
  • Folder icon closed Folder open iconTLS and cipher suites update for December 2019
  • Folder icon closed Folder open iconHow to request Google to review hacked sites and remove Deceptive Site Ahead’ warning
  • Folder icon closed Folder open iconWhat is email spoofing?
  • Folder icon closed Folder open iconMigrations and legacy e-mail client applications
  • Folder icon closed Folder open iconSecure Sockets Layer (SSL) information
    • SSL/TLS certificate validity periods
    • How to generate a purchased SSL certificate for an unmanaged hosting account

How to manage HTTP Strict Transport Security (HSTS) for your site

Estimated reading: 2 minutes 193 views

The management of HTTP Strict Transport Security (HSTS) for your website is covered in this article.Contents Table of

About HSTS
Managing HSTS on Linux
More Information

About HSTS

HTTP Strict Transport Security (HSTS) instructs web browsers to only use secure connections (https://) for all future requests when communicating with a web site. Doing so helps prevent SSL protocol attacks, SSL stripping, cookie hijacking, and other attempts to circumvent SSL protection.

Managing HSTS on Linux

By default, HSTS is enabled on all Linux-based managed hosting accounts. You do not need to take any additional steps to use HSTS with your site.

However, there may be scenarios where you want to disable HSTS for your site, such as during site development or testing. To do this, follow these steps:

Using SSH, the cPanel File Manager, or the Plesk File Manager, navigate to the document root of your site (usually the public_html folder).

Use your preferred text editor to open the .htaccess file.If the .htaccess file does not already exist, create it.

Copy the following line, and then paste it into the .htaccess file:Header always unset Strict-Transport-Security

Save your changes to the .htaccess file. HSTS is now disabled for your site.

More Information

For more information about HSTS, please visit https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security.

Read also – How to use the Python Selector in CPanel

Still stuck? How can we help?

How can we help?

Was this page helpful? Yes No

Share this Doc

How to manage HTTP Strict Transport Security (HSTS) for your site

Or copy link

Clipboard Icon
CONTENTS
    Leaf Illustration

    © 2023 All Rights Reserved by Hostvento