- May 17, 2019 at 6:18 pm #226480joshua janzenParticipant
I’ve been working tirelessly trying to get my wordpress secure when loading from a Google Search. I have purchased the Premium plugin as well. When I run the plugin scan, it’s telling me everything is good. However, when I use this tool from Google: , saying these are the errors: The header must contain the
preloaddirective. How do I fix? thank youMay 17, 2019 at 6:38 pm #226482RogierKeymaster
This is from hstspreload.org, the most likely cause is that you have not enabled the “preload” option in settings/ssl/settings yet. Can you try checking that option (which appears after enabling HSTS)?April 23, 2020 at 7:46 am #368100Steven GanzGuest
Can I configure this tool to not set includeSubDomains?April 23, 2020 at 8:54 am #368108MarkKeymaster
if you enable the regular HTTP Strict Transport Security option the includeSubDomains directive won’t be set. It’s only added when the ‘Configure your site for the preload list’ option has been enabled. If you disable that option, the includeSubDomains directive should be removed from the header.