Change all SSL sites on this server to use HSTS

By mattstauffer //
Clone
HSTS is a setting you can enable on your SSL-enabled domains to ensure browsers will never connect to the non-secured version of your web site.

https://https.cio.gov/hsts/

If you run this script, it will enable HSTS on all of your SSL-secured domains.

I've tested this on a few Tighten servers and so far it's worked, but please know this is just me writing this as best as I can.

Enjoy!

Site maintained by your friends at Tighten © 2026