Windows 2019
Sponsored Link

IIS : Enable HSTS2019/09/02

 
Enable HSTS (Hypertext Strict Transport Security) for Web Sites.
For [includeSubDomains] option below, all subdomains are included in HSTS target, so you need to verify well before setting it's possible to access to all subdomains with HTTS if specify this option.
[1]
[2] Run PowerShell with Admin Privilege and Configure.
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

# get site collection
PS C:\Users\Administrator> $sitesCollection = Get-IISConfigSection -SectionPath "system.applicationHost/sites" | Get-IISConfigCollection 

# get web site you'd like to set HSTS
# specify the name of site for "name"="***"
PS C:\Users\Administrator> $siteElement = Get-IISConfigCollectionElement -ConfigCollection $sitesCollection -ConfigAttribute @{"name"="RX-7.srv.world"} 

# get setting of HSTS for target site
PS C:\Users\Administrator> $hstsElement = Get-IISConfigElement -ConfigElement $siteElement -ChildElementName "hsts" 

# enable HSTS for target site
PS C:\Users\Administrator> Set-IISConfigAttributeValue -ConfigElement $hstsElement -AttributeName "enabled" -AttributeValue $true 

# set [max-age] of HSTS as 31536000 sec (365 days)
# for [max-age], refer to https://hstspreload.org/ 
PS C:\Users\Administrator> Set-IISConfigAttributeValue -ConfigElement $hstsElement -AttributeName "max-age" -AttributeValue 31536000 

# set [includeSubDomains] of HSTS as enabled
# this option applys to all subdomains
PS C:\Users\Administrator> Set-IISConfigAttributeValue -ConfigElement $hstsElement -AttributeName "includeSubDomains" -AttributeValue $true 

# set [redirectHttpToHttps] of HSTS as enabled
PS C:\Users\Administrator> Set-IISConfigAttributeValue -ConfigElement $hstsElement -AttributeName "redirectHttpToHttps" -AttributeValue $true 
IIS : Enable HSTS (GUI)
 
On GUI configuration, set like follows.
[3] Run [Start] - [Server Manager] and Click [Tools] - [Internet Information Services (IIS) Manager], and then Select a Web Site you'd like to set HSTS and Click [HSTS...] on the right pane.
[4] Check a box [Enable].
For other items, refer to [https://hstspreload.org/].
Matched Content