Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HSTS problem?

Discussion in 'Security' started by ravworld, Jan 4, 2018.

  1. ravworld

    ravworld Registered

    Joined:
    Jan 4, 2018
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Poland
    cPanel Access Level:
    Root Administrator
    Hellow,

    i have a problem with client's page. He have domain example.com.pl and subdomain blog.example.com.pl. For example.com.pl he forced redirect http to https with .htaccess. He have ssl cert only for example.com.pl and www.example.com.pl.

    When we access to example.com.pl apache automaticaly redirect us to https://example.com.pl and site work perfectly. But when we want to connect from https://example.com.pl to http://blog.example.com.pl (by the link), website blog.example.com.pl can not be displayed because of "The connection is not private". In the details of the error we can read something like: "You can not access to this web because of using HSTS"

    At the firts time we thought that the problem was in .htaccess rules, but when we delete him problem was not resolved.

    Interesing is that when we connect directly to http://blog.example.com.pl first time on each device, website works properly. But when we at first connect to https://example.com.pl and then connect directly to http://blog.example.com.pl page show error.

    Headers for example.com.pl and blog.example.com.pl include line:

    Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
    but i have no idea where it is set. Has anyone encountered a similar problem?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,693
    Likes Received:
    1,703
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you open a support ticket using the link in my signature so we can take a closer look?

    Thank you.
     
Loading...

Share This Page