Skip to main content

Search

We are excited to announce the launch of updated product names, logos, and headers within our user interfaces as part of the CivicPlus® Solution Rebranding initiative. These changes mark the first step toward creating a cohesive and seamless user experience across all solutions in our portfolio. As part of this transition, users may notice minor design updates. While the functionality you rely on remains unchanged, we are in the process of updating screenshots and other resources on our Help Centers to reflect the new branding. We appreciate your patience and understanding as we work to complete these updates.

Strict-Transport-Security

  • Updated:

Web Central supports the addition of HSTS headers.

 

Considerations

  • Once HSTS is on, it cannot be easily turned off. This is due to the max-age directive of HSTS. Turning it off will not have any effect until the maximum age is reached.
  • It is generally recommended that the maximum age be 1 year or more.
  • Once a machine visits a domain with HSTS headers present, that machine will only be able to access that domain's site over HTTPS.
  • If the SSL on your site expires, the site will be inaccessible until a new SSL is installed. There is no way to bypass the SSL warnings when HSTS is on.

 

If you are ready to have HSTS enabled, please submit a support ticket. Acknowledge in the ticket that you understand the risks outlined in this article.

 

Note: HSTS can only be enabled for sites on Platinum Security.

 

In-Article Glossary

  • HSTS: HTTP Strict Transport Security
  • HTTPS: Hypertext Transfer Protocol Secure
  • SSL: Secure Sockets Layer
Was this article helpful?
0 out of 0 found this helpful
Return to top

Feedback About the Article

Let us know what was helpful or not helpful about the article below.

0 comments

Please sign in to leave a comment.