Question
How to enable HSTS on a cPanel server?
Answer
- Log into WHM as the root user.
- Navigate to WHM / Service Configuration / Apache Configuration.
- Click Include Editor.
- Select All Versions from the drop-down menu under Pre-Main Include.
- Add the following text.
CONFIG_TEXT:
<IfModule mod_headers.c>
# HSTS: one-year policy covering all subdomains, with the preload token
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# Append HttpOnly and Secure to every Set-Cookie header
Header always edit Set-Cookie (.*) "$1;HttpOnly;Secure"
Header always set X-Frame-Options "sameorigin"
Header setifempty Referrer-Policy: same-origin
Header set X-XSS-Protection "1; mode=block"
Header set X-Permitted-Cross-Domain-Policies "none"
# This unconditional set replaces the setifempty Referrer-Policy value above
Header set Referrer-Policy "no-referrer"
Header set X-Content-Type-Options: nosniff
</IfModule>
- Click the Update button.
- Click the Restart Apache button.
To confirm that your site now has the strict-transport-security header, run the following command:
# read -p "Domain: " domain ; curl -sI https://${domain}/ | grep -i Strict-Transport-Security
The command prompts for a domain name. Here is an example:
[root@server ~]cPs# read -p "Domain: " domain ; curl -sI https://${domain}/ | grep -i Strict-Transport-Security
Domain: domain.tld
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
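A stricter check than the grep above, as an added example that is not part of the original article: it parses the returned header and confirms each directive matches the policy configured in the include. `hsts_audit` is a hypothetical helper name, and the sample headers are constructed so the block runs offline.

```shell
#!/bin/bash
# Added example: audit a Strict-Transport-Security header line.
# hsts_audit is a hypothetical helper; it is not a cPanel or curl command.

hsts_audit() {
    # $1: one header line as printed by curl -sI (may end in a carriage return)
    local line value max_age="" subs=no preload=no part
    line=$(printf '%s' "$1" | tr -d '\r')
    case "$(printf '%s' "$line" | tr '[:upper:]' '[:lower:]')" in
        strict-transport-security:*) ;;
        *) echo "missing"; return 2 ;;
    esac
    value=${line#*:}
    # Directives are separated by ';' and are case-insensitive.
    local IFS=';'
    for part in $value; do
        part=$(printf '%s' "$part" | tr -d ' \t"' | tr '[:upper:]' '[:lower:]')
        case "$part" in
            max-age=*) max_age=${part#max-age=} ;;
            includesubdomains) subs=yes ;;
            preload) preload=yes ;;
        esac
    done
    case "$max_age" in
        ''|*[!0-9]*) echo "invalid max-age"; return 2 ;;
    esac
    echo "max-age=$max_age includeSubDomains=$subs preload=$preload"
    # Pass only if the header matches the policy set in the include:
    # one year or longer, all subdomains, preload token present.
    [ "$max_age" -ge 31536000 ] && [ "$subs" = yes ] && [ "$preload" = yes ]
}

# Live use:
#   hsts_audit "$(curl -sI "https://${domain}/" | grep -i '^Strict-Transport-Security:')"
# Constructed samples:
hsts_audit 'Strict-Transport-Security: max-age=31536000; includeSubDomains; preload'
hsts_audit 'strict-transport-security: max-age=300' || echo "weaker than the configured policy"
```

The function returns 0 when the header matches the configured policy, 1 when a directive is weaker or absent, and 2 when the header is missing or malformed.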