HSTS works wrong

  • When I enable “Use HSTS Transport Security header” in Browser Cache with Nginx I get error from https://hstspreload.org – “Error: No HSTS header”. Header must be added in “location ~ /wp-content/cache/page_enhanced.*html$” and it must be:

    add_header Strict-Transport-Security “max-age=31536000; includeSubDomains; preload” always;

    Please fix it!

Viewing 1 replies (of 1 total)

  • Many of us just use w3-total-cache-fixed which includes a very extensive Security Headers section inside W3 Total Cache and of course fixes the nginx problem you’re having, among a gazillion other bugs. Just a thought.

Viewing 1 replies (of 1 total)
  • The topic ‘HSTS works wrong’ is closed to new replies.