You are here: Home / Disable HTS checking in Nginx

Disable HTS checking in Nginx

Often for testing, development, admin, or troubleshooting purposes, HSTS is a PITA that needs to be turned off. Here are some quick notes to do so in nginx...



Disable HTTP Strict Transport Policy
Look for the following line in NGINX configuration file.

add_header Strict-Transport-Security ...
Remove this line, or comment it by adding # at its beginning.


If you don’t find the above line, then add the following line

add_header Strict-Transport-Security "max-age=0;";
In the above line, we set the Strict-Transport-Security header for 0 days, that is, we disable it.

You need to add this in server block of your NGINX configuration file, that listens to port 443 (SSL/HTTPS).

server {
listen 443
add_header Strict-Transport-Security "max-age=0";