Forum | Really Simple SSL

The header must contain the `includeSubDomains` and `preload` directive.

Home Forums Really Simple SSL pro The header must contain the `includeSubDomains` and `preload` directive.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #226480
    joshua janzen
    Participant

    I’ve been working tirelessly trying to get my wordpress secure when loading from a Google Search. I have purchased the Premium plugin as well. When I run the plugin scan, it’s telling me everything is good. However, when I use this tool from Google: , saying these are the errors: The header must contain the includeSubDomains and preload directive. How do I fix? thank you

    #226482
    Rogier
    Keymaster

    Hi Joshua,

    This is from hstspreload.org, the most likely cause is that you have not enabled the “preload” option in settings/ssl/settings yet. Can you try checking that option (which appears after enabling HSTS)?

    #368100
    Steven Ganz
    Guest

    Can I configure this tool to not set includeSubDomains?

    #368108
    Mark
    Keymaster

    Hi Steven,

    if you enable the regular HTTP Strict Transport Security option the includeSubDomains directive won’t be set. It’s only added when the ‘Configure your site for the preload list’ option has been enabled. If you disable that option, the includeSubDomains directive should be removed from the header.

    Mark

Viewing 4 posts - 1 through 4 (of 4 total)
  • The topic ‘The header must contain the `includeSubDomains` and `preload` directive.’ is closed to new replies.

Subscribe