Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Microsoft IIS webserver.

  1. Start the application named: IIS Manager.

  2. Select your website

  3. On the right part of the screen, access the option named: HTTP Response Headers.

  4. On the top right part of the screen, click on the Add option.

  5. To enable the HSTS feature, enter the following configuration:

    • NAME: Strict-Transport-Security• VALUE: max-age=31536000; includeSubDomains; preload

  6. Click on the OK button.

Back to top