Jump to content
Akinix

Leaderboard


Popular Content

Showing content with the highest reputation on 06/11/19 in Posts

  1. 1 point
    This question is quite frequent in a last few days, so here is the instruction. Simplest way to do this on Apache web server is: Add this code into your .htaccess file (must be placed in root directory of your website): <IfModule mod_headers.c> Header set Strict-Transport-Security "max-age=604800; includeSubDomains; preload" env=HTTPS </IfModule> Check if everything OK on your website and subdomains. WARNING: ALL subdomains MUST be accessible by HTTPS if you want to include your domain into preload list. Adding to preload list will make your domain and all its subdomains inacessible by HTTP protocol in all modern browsers. Your users will be forced to use HTTPS only. If everything is OK and you're 100% sure what you're ready to enable HSTS for longer period and be added to preload list, increase you max-age value to 63072000 and add "preload" directive. Your code in .htaccess should look like this: <IfModule mod_headers.c> Header set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" env=HTTPS </IfModule> Finally add your website to the preload list on https://hstspreload.org/
×
×
  • Create New...