Enables HTTP Strict Transport Security (HSTS) on your WordPress site.
It’s never a bad practice to enable security measures on your website.
Please note that this should only be activated if you have an active the SSL Certificate on your Website, and all http links are properly redirected to https.
We recommend installing Really Simple SSL Plugin before activating (https://wordpress.org/plugins/really-simple-ssl/)
Just to check
- Activate the plugin.
- Clear any cache on your website. (If you have any)
- Go to http://www.webconfs.com/http-header-check.php.
- You should see Strict-Transport-Security: max-age=31536000 added to your headers. This headers tells the browsers to not allow your website to load without a valid SSL Certificate.
- Tested up to 5.8.1 WordPress version
- Requires WordPress 4.8 version or higher
- Search and install from your WordPress dashboard -> plugins page
- Or manually download and extract folder to your plugins directory(wp-content/plugins/)
- Activate plugin RSG HSTS Enabler
- You’re all set!