burger
infomaniak
infomaniak
cloud-computing-logo
Cloud Computing
web-domain-logo
Web & Domains
event-marketing-logo
Events & Marketing
  • Our products
    • Collaborative tools icon chevron
    • Web & Domains icon chevron
    • Cloud Computing icon chevron
    • Events & Marketing icon chevron
    • Streaming icon chevron

      All plans

    • ksuite
      The entire kSuite Best choice All collaborative tools. No limits for you and your teams
    • kdrive
      kDrive Store, collaborate and share your files
    • mail service
      Mail Service Create your email addresses with your domain
    • kChat
      kChat Communicate live with your teams
    • kmeet
      kMeet Organise your meetings online in complete security
    • swisstransfer
      SwissTransfer Send your files up to 50 GB free of charge.
    • kpaste
      kPaste Share and encrypt your sensitive information
    • ksuite
      Custom Brand Control the brand image of your products
    • kChat
      Chk Link reducer & QR code generator
      Find the web hosting solution you need
    • Domain name
      Domain name Reserve your domain name at the best price
    • Site Creator
      Site Creator Create your website with ease
    • web hosting
      Web Hosting Create your website with over 100 CMS
    • web hosting
      Wordpress Hosting Create your WordPress website easily
    • Cloud Server
      Cloud Server Power up your sites with guaranteed resources
    • SSL Certificat
      SSL certificates Secure your websites with an EV or DV certificate
      • Options
    • Domain privacy
      Domain Privacy Protect your domains’ private data
    • DNS Fast Anycast
      FastAnycast DNS Speed up your site access times
    • Dyn DNS
      DynDNS Access your devices remotely
    • Dyn DNS
      Renewal Warranty Secure your domains against loss and theft
      Find the right Cloud Computing solution

      Instances

    • public cloud
      Public Cloud (IaaS) Create your projects in a high-end, ultra-competitive Cloud
    • Cloud Server
      VPS Cloud Create a Windows / Linux server
    • VPS Lite
      VPS Lite Create a Windows/Linux server at a low cost

      • Other services

    • llm api
      AI Tools Boost your productivity with our sovereign AI
    • jelastic cloud
      Jelastic Cloud (PaaS) Create your own customised environments
    • swiss backup
      Swiss Backup Back up your devices in the Cloud
    • nas synology
      NAS Synology Rent a NAS in our secure data centers
    • High availibility
      Very High Availability Create a multi-data center infrastructure with customised SLAs
    • Housing
      Housing Install your servers in our data centers
      Infomaniak Events, the independent local events portal
      Online ticketing service with a wide choice of concerts, shows and events.
    • online shop
      Ticketing Create your ticketing service and sell tickets
    • kdrive
      Access Control Control access to your events with ease
    • kdrive
      Guest manager Automate your event invitations
    • kdrive
      Newsletter Send your newsletters at competitive prices
    • Streaming radio
      Streaming radio Create and broadcast your own live radio station online
    • streaming video
      Video-Streaming Create and broadcast live events and TV online
    • VOD and AOD
      VOD & AOD service Host and broadcast your recordings without limits
  • Resources
    documentation icon Documentation
    Guides & tutorials
    API documentation
    special offers icon Special offers
    Get started for free
    Student programme
    Become an affiliate
    partner program icon Partner programme
    Find a partner
    Become a partner
    support icon Support & contact
    Contact Support
    Premium support - 24/7
    Contact our sales department
    Hiring an expert
  • About us
    forest
    icon Ecological commitment
    We pollute. But we are taking action to reduce the footprint of our services and infrastructure
    Discover our commitment →
    icon About Infomaniak
    Our vision, our values
    Our teams
    Infomaniak is recruiting
    Press and communication
    Blog and news
    icon Security
    Data confidentiality
    Bug Bounty Programme
  • search-icon
    close-icon
      icon

      Would your needs exceed our solutions? To find out, contact us so that we can advise you personally.

      Our flagship products:
  • search-icon
  • My account
    • Workspace

      Webmail, contacts, calendar

    • Manager

      Managing Infomaniak products

Price Price
Knowledge base

1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!

Knowledge base Managing HSTS for a Website/Hosting

    Managing HSTS for a Website/Hosting

    This guide explains how to disable or configure HSTS for a website.

     

    Preface

    • when HSTS is enabled for a website, the server tells the visitor of the site (if their web browser is compatible) to replace all insecure links with secure links
    • example: http://www.example.com/a/page/ is automatically replaced with https://www.example.com/a/page/
    • after enabling an SSL certificate on a website, HSTS is configured as follows: max-age=16000000

     

    Disable HSTS

    1. with a CMS (WordPress, Joomla, etc.)

    Include the following line in all pages generated by the CMS:

    header( 'Strict-Transport-Security: max-age=0;' );

    For WordPress, it is possible to add this directive in the functions.php file of your theme:

    add_action( 'send_headers', 'add_header_xua' );
function add_header_xua() {
    header( 'Strict-Transport-Security: max-age=0;' );
}

    More details on WordPress 

    2. with a PHP site

    Include the following line in all PHP pages:

    header( 'Strict-Transport-Security: max-age=0;' );

    To do this without having to modify each PHP page of a site, you can use the auto_prepend_file directive in the .user.ini file of the concerned site:

    auto_prepend_file=/home/clients/xxxx/web/hsts_disable.php

    ... with the following hsts_disable.php file:

    header( 'Strict-Transport-Security: max-age=0;' );

    3. with a static content site (non-PHP)

    Include this header in a .htaccess file:

    # BEGIN DISABLE HSTS
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=0; includeSubDomains;"
</IfModule>
# END DISABLE HSTS

    Customize HSTS

    The default value can be modified in your PHP files of your website with the following directive:

    header( 'Strict-Transport-Security: max-age=X; includeSubdomains; preload' );

    (X being the desired number of seconds)

    Enable HSTS for all hosted subdomains

    includeSubDomains; is enabled by default and, as its name indicates, it will include subdomains in the "Strict Transport Security".

    When the visitor goes to an insecure subdomain, the browser will redirect to HTTPS automatically and cause a security error.

    If this behavior is not desired, this header should be removed.

    Clear the browser's HSTS cache

    To do this:

    1. in Chrome, type chrome://net-internals/#hsts
    2. enter the domain name in the text field of the "Delete domain security policies" section
    3. click on the Delete button
    4. enter the domain name in the text field of the "Query HSTS" section
    5. click on the Query button
    6. the response should be "Not found"
    7. with Safari, start by closing the browser
    8. delete the file ~/Library/Cookies/HSTS.plist
    9. reopen Safari
    10. with Firefox, close all tabs
    11. open the Firefox menu and click on History / Show History.
    12. search for the page for which you want to remove HSTS preferences
    13. right-click on one of the entries corresponding to it
    14. choose Forget this site


    Link to this FAQ:
    Has this FAQ been helpful?
    Thank you for your feedback. Improve this FAQ?
    Please do not ask any questions through this form, it is only used to improve our FAQ.
    Please use our contact form for any question.
    Your message has been sent. Thank you for suggesting an improvement to this FAQ.
    Display all FAQs for this product
    logo infomaniak
    Prices do not include VAT
    facebook
    twitter
    linkedin
    instagram

    Infomaniak

    About Infomaniak The team Infomaniak is recruiting Press space Infomaniak blog All certificates Free products Clients' opinions

    Support

    Assistance 7/7 FAQ and guides Premium Support Sales contact API REST Report abuse

    Partnerships

    Become a reseller Affiliate programme Directory of partners Requests for quotes

    Ecology

    Green hosting Certificates & awards

    Follow our development

    The email entered is invalid
    earth icon
    • EN
      • EN
      • DE
      • ES
      • FR
      • IT
    ©2024 Infomaniak - Legal documents - Legal notice - Data Protection - Privacy Policy - Site map - Manage your cookies
    icann-logo
    swiss
    new-iso
    swiss-hosting
    logo infomaniak
    Prices do not include VAT

    Infomaniak

    About Infomaniak The team Infomaniak is recruiting Press and media Infomaniak blog All certificates Free products Clients' opinions

    Support

    Assistance 7/7 FAQ and guides Premium Support offer Sales contact API REST Report abuse

    Partnerships

    Become a reseller Affiliate programme Directory of partners Requests for quotes

    Ecology

    Green hosting Certificates & awards

    Follow our development

    The email entered is invalid
    icann-logo
    swiss
    new-iso
    swiss-hosting
    facebook
    twitter
    linkedin
    instagram
    ©2024 Infomaniak
    Contracts - Legal notice - Data Protection - Privacy Policy - Site map - Manage your cookies

    Managers

    earth icon
    • EN
      • EN
      • DE
      • ES
      • FR
      • IT
    Your browser is outdated, security and browsability are no longer guaranteed. We recommend that you update it as soon as possible by clicking here.