HTTP Strict-Transport-Security (HSTS)

Marc Wagner, July 16, 2022
Table of Contents

HSTS stands for HTTP Strict Transport Security. It is a header specification that tells the browser of the page visitor that for a specified period of time (max-age), communication should take place exclusively via a secure connection (HTTPS).

How to enable the HSTS header on Plesk for Linux #

  1. Sign in to Plesk.
  2. Go to Websites & Domains > Hosting Settings and enable the “Permanent SEO-safe 301 redirect from HTTP to HTTPS” option there.
  3. Then go to Websites & Domains > Apache & nginx settings.
  4. Now enter the following there and save the changes afterwards.
    1. Apache, additional instructions for HTTPS:
      add_header Header always set Strict-Transport-Security “max-age=31536000”
    2. Additional nginx directives:
      add_header Strict-Transport-Security “max-age=31536000” always;

That was it already. You have activated the HSTS header for your domain.

What are your Feelings
Avatar of Marc Wagner
Marc Wagner

Hi Marc here. I'm the founder of Forge12 Interactive and have been passionate about building websites, online stores, applications and SaaS solutions for businesses for over 20 years. Before founding the company, I already worked in publicly listed companies and acquired all kinds of knowledge. Now I want to pass this knowledge on to my customers.

HSTS, Sicherheit

Similar Topics

Comments

Leave A Comment

Forge12 Interactive GmbH
The #1 WordPress agency from Germany

Your partner for customized WordPress solutions. With consulting, training, maintenance and hosting from a single source, we are your professional WordPress forge. Contact us for innovative solutions in the B2B sector.

Services
Resources
The company
WordPress agency

Forge12 Interactive
durchstöbern

Möchten Sie mit uns arbeiten?

Lassen Sie uns alles in Ruhe bei einem kostenlosen Kennenlerngespräch besprechen. Buchen Sie hier direkt Ihren Wunschtermin.