Delete a HSTS Key Pin in Chrome

Delete a HSTS Key Pin in Chrome Key pinning can be tricky and sometimes you might encounter a website having an incorrect key pin. This is usually caused by renewing certificates. In that case the duration time of the key pin might overlap the expire time of the moment of renewal. Chrome Error You will be seeing an error something like: Your connection is not private   Attackers might be trying to steal your information from domain.com (for example, passwords, […]

Read more

Configure HSTS (HTTP Strict Transport Security) for Apache and Nginx

HSTS configuration for Apache and Nginx HTTP Strict Transport Security (or HSTS) is a security capability to force web clients using HTTPS. The idea behind HSTS is that clients which always should communicate as safely as possible. At achieve this, the web server and web browser will prefer the HTTPS protocol instead of HTTP. Benefits The clear benefit of “forcing” a client to use HTTPS directly, is decreasing the risk of sharing any sensitive information via a protocol which can […]

Read more