Enable HTTP Strict Transport Security HSTS In .htaccess

Add this line to htaccess:

Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

To check you can use curl:

curl -s -D- https://example.com/ | grep -i Strict

Lack of HSTS is often flagged by SEO and security tools.

Leave a Reply

Your email address will not be published. Required fields are marked *