Developer forum

Forum » Hosting » HTTP Strict Transport Security (HSTS)

HTTP Strict Transport Security (HSTS)

Thomas Jensen


How do we activate HSTS?


I have testet 3 solutions that I have access to
all are hosted on Curanet (Hostnordic)
all do have SSL

One: Solution do have HSTS active, but it has a short "max-age" of 30 days (recomendation is that it should be a least 180 days), it uses DW version (9.13.12)

Two: Solution do NOT have HSTS, it is on the same server as the first, but it uses on an older DW version (9.6.7)

Three: Solution do NOT have HSTS, is on a difirend server (still on Curanet), it is uses the same as the first DW version (9.13.12)

Non of there are custom so we do not have access to Application


So what is the procedure for getting HSTS setup/enabled and configured properly ?


Regards Thomas



You must be logged in to post in the forum