A User’s Guide to HSTS and how to easily clear or disable HSTS settings on your browsers – Chrome, Firefox and Internet Explorer.For the most part, the creation of HSTS has been welcomed by developers and everyday users, due to its ability to strengthen online security measures. HSTS provides an additional level of security that better protects your website from being hacked and reduces the risk of your personal data being corrupted. However, the implementation of HSTS can occasionally cause browser errors in certain cases. This is an issue that can easily be resolved through the effective clearing of HSTS settings on most major browsers. Show
What is HSTS?HSTS stands for HTTP Strict Transport Security. It enables browsers to forge better connections via HTTPS and at the same time, limits HTTP connections that will inevitably be less secure. HSTS is advantageous as it prevents both cookies hijacking and protocol downgrade interference. HSTS was originally created in response to an increase in SSL Strip attacks. These attacks were prone to inhibiting HTTPS connections and causing a downgrade to more vulnerable HTTP connections. HSTS works as a security measure by transmitting a policy to a web page’s header. This then forces a browser to create a secure HTTPS connection when a person visits a website. Should I implement HSTS on my website?It is strongly advised that you implement HSTS settings on your website. HSTS settings will bolster your site’s security and protect your personal data. Even if you have a trusted SSL Certificate, online hackers can still potentially exploit your site. If you choose not to implement HSTS settings on your website, you are increasing the likelihood that your stored information will be tarnished through cyber-attacks. By not utilizing HSTS, it’s as though you have a protective gate surrounding your website; but with an open front door. You’re essentially inviting hackers inside your site. You can add “include subdomains” and “preload” in header. What to consider before implementing HSTS?Prior to implementing HSTS settings on your website, it’s important to consider several points before you’re able to include the relevant header:
How to clear or disable HSTS in different browsers?Here’s a common scenario that is sure to have you scratching your head: You’re attempting to visit a website when suddenly you see the message,
If you encounter this rather perplexing message, firstly open a different type of browser and see if you can access the website without the same message being displayed. If you can, this means that there is most likely an issue with the configuration of the original browser’s HSTS settings. You then have two options: You can either clear the HSTS settings or disable HSTS from your web browser. Clearing HSTS in ChromeWhen there is an issue with your HSTS settings in Chrome, you will most often encounter an error message such as “Your connection is not private”. Within the advanced menu of this error message, there would likely be an explicit mention of HSTS settings. You can delete the HSTS cache from your Chrome browser by implementing the following steps:
Congratulations! You’ve officially cleared HSTS settings in Chrome. Clearing HSTS in FirefoxWhilst there are several methods for clearing or disabling HSTS in Firefox, the most straightforward approach is as follows:
And that’s as easy as it is! HSTS settings have now been cleared in Firefox. Clearing HSTS in Internet Explorer
Note: Values for the iexplore.exe subkey are 0 and 1. A value of 1 inactivates the feature, and 0 activates the feature. ConclusionAs you’ve witnessed, HSTS settings provide you with enhanced website security. If you’re developing your own website, it is strongly recommended that you boost your online security by applying HSTS. Before you go ahead and implement HSTS, keep in mind that you will need to have first installed a reputable SSL Certificate. Whilst HSTS offers a range of benefits, the downside can be the occasional browser error. If this occurs, it only takes a few short steps to clear and disable HSTS. Once this done, you’ll be able to get back to business and enjoy an uninterrupted browsing experience. |