.htaccess中的HSTS设置

beq87vna 于 2022-12-13 发布在其他

关注(0)|答案(1)|浏览(113)

我正在尝试通过https://hstspreload.org/上的测试-但是我得到以下错误：

Error: Subdomain `www.test.com` is a subdomain. Please preload `test.com` instead. (Due to the size of the preload list and the behaviour of cookies across subdomains, we only accept automated preload list submissions of whole registered domains.)

（添加test.com以隐藏域）
对于HTTPS和HSTS，我的.htaccess文件如下所示：

RewriteEngine On
RewriteCond %{REQUEST_URI} /(.+)/$
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ https://www.test.com/%1 [R=301,L]

RewriteCond %{REQUEST_URI} !(.+)/$
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.+)$ https://www.test.com/$1/ [R=301,L]

RewriteCond %{HTTP_HOST} !^www\.(.*)$ [OR,NC]
RewriteCond %{https} off  
RewriteRule ^(.*)$ https://www.test.com/$1 [R=301,L]

<IfModule mod_headers.c>
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS
</IfModule>

.htaccess

来源：https://stackoverflow.com/questions/72589396/hsts-setup-in-htaccess

1条答案

按热度按时间

dojqjjoe1#

尝试在www规则之前设置HTTPS规则。这对我很有效：

RewriteEngine On

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

赞(0）回复(0）举报 2022-12-13

我来回答

.htaccess中的HSTS设置

1条答案

相关问题

热门标签

最新问答