No HSTS header

  • frankbonnet

    (@frankbonnet)


    8 years, 4 months ago

    Hi,

    I have installed your plugin and activated “Force HTTPS protocol” in HSTS section.
    I have checked the “include subdomain” and “Preload” with a max lenght.

    But when I check to the hstspreload website :
    https://hstspreload.org/?domain=surf-finance.com

    I have this warning :
    Response error: No HSTS header is present on the response.

    Is there anything else to do ?
    Thanks for your support.
    Frank

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Carl

    (@carlconrad)

    8 years, 4 months ago

    Hello,

    Sorry to read this. This is often due to cache plug-ins that rewrite the headers without taking care of their content.

    Carl

    fredclown

    (@fredclown)

    8 years, 4 months ago

    I can validate that at least W3 Total Cache does this. So frustrating.

    Plugin Author Carl

    (@carlconrad)

    8 years, 3 months ago

    Hello, the update released today addresses this issue by providing you the content to insert in the .htaccess file.

    Carl

    doylegirl

    (@doylegirl)

    8 years, 2 months ago

    Shoot, I had the same problem too, even since the update.
    Still getting an F on https://observatory.mozilla.org/analyze/

    Plugin Author Carl

    (@carlconrad)

    8 years, 2 months ago

    Hello, this is often due to chache plug-ins that rewrite the page headers.

    The latest update addresses this issue by providing you the content to insert in the .htaccess file.

    Carl

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘No HSTS header’ is closed to new replies.