Unnecessary HSTS header

Goody

New Member
#1
Hi, my domain is eligible for preloading, although we recommend fixing the following warnings.

Warning: Unnecessary HSTS header over HTTPThe HTTP page at my domain sends an HSTS header. This has no effect over HTTP, and should be removed.

My current setup is OpenLiteSpeed 1.6.16

Header Operations:
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS

Anything else I should be doing? thanks!
 
Top