All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Strict-Transport-Security max-age issue in Centos Web Panel
Hello
We have one WordPress site in a dedicated Centos Web Panel VPS and we need to use some pages under HTTP, rest of the site is using HTTPS.
For this purpose, we use the plugin "Really Simple SSL per page", but in http pages we get a ERR_TOO_MANY_REDIRECTS error.
We oppened a ticket to plugin devs and they replied:
I see, on https:// an HTTP Strict Transport Security is added automatically (Strict-Transport-Security max-age=31536000). This isn't added by Really Simple SSL, nor by a rule in your .htaccess file or another plugin. I suspect this header is added by your own server or panel
Seems a PHP-FPM setting, anyone knows how to disable it or fix this issue ?
Thanks !
Comments
Are you using cloudflare ?
Noooo ! Using Nginx & Varnish & Apache, so getting a very nice performance !
And also using cloudns DNS services
Do you have CloudFlare on by any chance? Try changing 'Flexible' to 'Full' in SSL settings
No, I don't use CloudFlare !
Do you use cloud flare? Their flexible ssl sometimes is a bitch
Check nginx.conf file as I think HSTS setting is added in there
Looks like you use cloudflare.
Yes mate, that was the issue, thanks !
I knew it was cloudflare.
Noooo ! I said I don't use CloudFlare !
It was HSTS settings in nginx !
If you say so...
I am still convinced it's all cloudflare's fault.