[Support request] Strict-Transport-Security(HSTS) not working

Home Forums Really Simple SSL pro Strict-Transport-Security(HSTS) not working

This topic contains 2 replies, has 2 voices, and was last updated by  William 3 weeks, 2 days ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #163313 Reply

    William
    Participant

    Hello,

    I purchased the Really Simple SSL pro and enabled the HSTS feature, but I got two problem need help.
    -https://securityheaders.com/?q=kosmos.org.tw
    There is an error about “Strict-Transport-Security´╝ÜThis site was served over HTTP and did not redirect to HTTPS.”
    https://hstspreload.org/?domain=kosmos.org.tw
    There is an error about “Warning: Unnecessary HSTS header over HTTP”

    How should fix these issues?

    • This topic was modified 3 weeks, 3 days ago by  William.
    #163354 Reply

    Mark Wolters
    Keymaster

    Hi William,

    have you enabled a redirect setting in the plugin settings (Settings->SSL->Settings)? That should redirect the site to https:// and solve the first error. Likely the HSTS header will then be served over https:// as well to fix the second error.

    Mark

    #163703 Reply

    William
    Participant

    Hello Mark,

    After then I re-enable SSL and HSTS and waiting for a while, it finally works. Now my site passed the check list of the header scan. Thank you!

Viewing 3 posts - 1 through 3 (of 3 total)
Reply To: Strict-Transport-Security(HSTS) not working
Your information: