A security scan reports no HSTS support on cPanel ports such as 2087, 2096, and 2083. Does cpsrvd support HSTS?
cpsrvd enforces SSL upgrades, regardless of the HSTS setting. This prevents TLS downgrade attempts, minimizing the need for HSTS headers.
At the time this article was written, there is no method to support HSTS on cpsrvd. We do have an existing feature request to have this functionality added:
We encourage you to vote on the above feature request to bring it to cPanel developers' attention. The more votes that a feature request receives, the more likely the functionality will be added to a future version of the cPanel software.
If you are seeking information on how to add HSTS to Apache, please see below: