Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

HSTS problem?

Discussion in 'Security' started by ravworld, Jan 4, 2018.

  1. ravworld

    ravworld Registered

    Joined:
    Jan 4, 2018
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Poland
    cPanel Access Level:
    Root Administrator
    Hellow,

    i have a problem with client's page. He have domain example.com.pl and subdomain blog.example.com.pl. For example.com.pl he forced redirect http to https with .htaccess. He have ssl cert only for example.com.pl and www.example.com.pl.

    When we access to example.com.pl apache automaticaly redirect us to https://example.com.pl and site work perfectly. But when we want to connect from https://example.com.pl to http://blog.example.com.pl (by the link), website blog.example.com.pl can not be displayed because of "The connection is not private". In the details of the error we can read something like: "You can not access to this web because of using HSTS"

    At the firts time we thought that the problem was in .htaccess rules, but when we delete him problem was not resolved.

    Interesing is that when we connect directly to http://blog.example.com.pl first time on each device, website works properly. But when we at first connect to https://example.com.pl and then connect directly to http://blog.example.com.pl page show error.

    Headers for example.com.pl and blog.example.com.pl include line:

    Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
    but i have no idea where it is set. Has anyone encountered a similar problem?
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,827
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Could you open a support ticket using the link in my signature so we can take a closer look?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice