How do I disable HSTS on my website?

Question

How do I disable HSTS on my website?

Answer

If your website has HSTS enabled, it is most likely done from the website's "htaccess" file. To check if you have HSTS enabled, you can run this command from the user's home directory:

grep -i 'strict' /home/$user/public_html

If HSTS is enabled, you might have an output return that says this:

# grep -i 'strict' /home/$user/public_html
Header always set Strict-Transport-Security "max-age=300; includeSubDomains; preload"

To disable HSTS, simply remove the "Strict-Transport-Security" line from the domain's "htaccess" file.