How to add HTTP Strict Transport Security (HSTS)

Posted on by John

There are following below methods to add HTTP Strict Transport Security Header in Apache or NGINX or .HTACCESS

[1] How to add in Nginx configuration file

There are following code need to add in Nginx configuration file

add_header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";



[2] How to add in Apache configuration file

There are following code need to add in Apache configuration file

header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"



[3] How to add in .htaccess file

There are following code need to add in .htaccess configuration file

<IfModule mod_headers.c>
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" 
<IfModule mod_headers.c>

HTTP Security Headers Checker Tool

https://www.site2info.com/sitesecurity.php

Other Important HTTP Security Headers

Magento 2 All Database Tables [500 & more Tables]


HTTP Security Headers Checker Tool – Security Headers Response


How to add Feature-Policy Security Header


How to add X-Content-Type-Options Security Header


How to add Expect-CT Security Header


How to add X-Frame-Options Security Header


How to add X-XSS-Protection Security Header


How to add Referrer Policy Security Header


Referrer Policy Header Security


Magento 2 Admin Security


How to add HTTP Strict Transport Security (HSTS)


How To Set CSRF Token in Magento 2


What is CSRF and CSRF Token

Leave a Reply

Your email address will not be published. Required fields are marked *