Cheap Web Space, Domain Name:
Web Space With E-Mail, PHP/MySQL.

How can I activate HSTS (HTTP Strict Transport Security)?

Question: 

Searching …

 

Unfortunately nothing found on "".

Premium support for Bitpalace web hosting customers only!

 from Saint Vincent and the Grenadines: +49 30 32 70 18 92, Fax (in Germany) +49 30 32 70 18 91

service@bitpalast.net 

Skype: bitpalast

One moment please … your browser is loading the page.

 

 

Symptom

A forced http://-to-https:// redirect still does not fulfill your security requirements. Especially your Nextcloud or Owncloud installer claims that your data are only secure with HSTS.

 

Solution

HSTS stands for "HTTP Strict Transport Security" and asks the browser to only allow encrypted connections to the server for a pre-defined time frame after the first valid SSL/TLS connection. This shall prevent an extreme unlikely, but possible man-in-the-middle attack on the connection between your browser and the server. Arguments against HSTS are the low add-on benefit compared to the higher technical effort and the fact, that you can be traced more easily through the Internet by using HSTS data that is stored in your browser.

HSTS assumes that you have already created an SSL certificate for your domain. You can then easily switch on HSTS with the SSL/TLS icon in the "Websites & Domains" menu of the webspace control panel. To do this, click on the SSL/TLS icon and then on the "HSTS" slider.

You can choose how long HSTS should remain activated and whether it should also be activated for the domain's subdomains and webmail.

 

Overview of frequently asked questions 

 

 

 


 

  from Saint Vincent and the Grenadines: +49 30 32 70 18 92 •  GmbH, Sensburger Allee 27, D-14055 Berlin (Germany)
Your purchase is tax-free, because you order from a non-EU country. © 2024  GmbH. All rights reserved. and the logo are registered trademarks of GmbH. For photo credits see imprint.

Imprint Privacy policy Sitemap