How to add HSTS security to my website

by OffRoad Rider Banned
1 replies
  • WEB DESIGN
  • |
I am having a website [link removed by moderator] i really want to add hsts security header on it. can anyone please hlep
#add #hsts #security #website
  • Profile picture of the author Rizwan867
    To add HSTS security to your website, you'll need to configure the HSTS header in your web server configuration, not directly in your HTML files. However, here's a quick overview for different servers:

    For Apache:
    Add this to your .htaccess or server configuration:

    apache
    Copy code
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    For Nginx:
    Add this to your nginx.conf file inside the server block:

    nginx
    Copy code
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
    For IIS (in web.config):
    xml
    Copy code
    <configuration>
    <system.webServer>
    <httpProtocol>
    <customHeaders>
    <add name="Strict-Transport-Security" value="max-age=31536000; includeSubDomains; preload" />
    </customHeaders>
    </httpProtocol>
    </system.webServer>
    </configuration>
    Note: HSTS is applied via HTTP headers, not HTML. Ensure your site is served over HTTPS for HSTS to work.
    {{ DiscussionBoard.errors[11803667].message }}

Trending Topics