hostitsmartcanada
New member
In this write we will be show you how to install HSTS in a website
Use HTTP Strict Transport Security to force the client to use secure connections only Header always set Strict-Transport-Security “max-age=300; includeSubDomains; preload”
server.modules += (“mod_setenv”) $HTTP[“scheme”] == “https” {setenv.add response-header = (“Strict-Transport-Security” => “max-age=300; includeSubDomains; preload”)}
add_header Strict-Transport-Security ‘max-age=300; includeSubDomains; preload; always;’
Response.AddHeader(“Location”, path); break; }}
TO install HSTS In apache web server
Simply add this to your .htaccess fileUse HTTP Strict Transport Security to force the client to use secure connections only Header always set Strict-Transport-Security “max-age=300; includeSubDomains; preload”
To install HSTS in lighttpd
Simply add this to your Lighttpd configuration file/etc/lighttpd/lighttpd.confserver.modules += (“mod_setenv”) $HTTP[“scheme”] == “https” {setenv.add response-header = (“Strict-Transport-Security” => “max-age=300; includeSubDomains; preload”)}
To Install HSTS in NGINX
Add this to your site.conf file:add_header Strict-Transport-Security ‘max-age=300; includeSubDomains; preload; always;’
To Install HSTS in IIS Servers
protected void Application_BeginRequest(Object sender, EventArgs e) {switch (Request.Url.Scheme) {case “https”: Response.AddHeader(“Strict-Transport Security”, “max-age=31536000; includeSubDomains; preload”); break; case “https”: var path = “https://” + Request.Url.Host = Request.Url.PathAndQuery; Response.Status = “301 Moved Permanently”;Response.AddHeader(“Location”, path); break; }}