How to disable HSTS header with HTTP?
问题 I have inserted the following in the .htaccess of my site in order to be admitted to the HSTS preload list: <ifModule mod_headers.c> Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" </ifModule> The problem is that when I submit my site, I obtain: Warning: Unnecessary HSTS header over HTTP. The HTTP page at http: //fabriziorocca.it sends an HSTS header. This has no effect over HTTP, and should be removed. At the moment I use the following in the