Articles in this section

How to enable OCSP Stapling and HSTS for Plesk interface?

Atif Bangash
Updated
kb: how-to Plesk for Linux

Applicable to:

  • Plesk for Linux

Question

How to enable OCSP Stapling and HSTS for Plesk interface?

Answer

This functionality is yet to be implemented in Plesk. Vote for the corresponding feature suggestion at Plesk Feature Portal..

Top-ranked suggestions are considered to be included in future Plesk versions.

The following workaround can be applied:

  1. Connect to the server using SSH.

  2. Open the file /etc/sw-cp-server/conf.d/plesk.conf for editing via a command-line text editor and add the following content within its server section:

    add_header Strict-Transport-Security "max-age=31536000" always;
    ssl_stapling on; 
    ssl_stapling_verify on; 
    resolver 8.8.4.4 8.8.8.8 valid=300s; 
    resolver_timeout 10s;

    Note: in order to enable HSTS without OCSP Stapling only add the add_header line to the file above

  3. Restart sw-cp-server to apply changes:

    # service sw-cp-server restart

Was this article helpful?

Comments

1 comment
Date Votes
  • Avatar
    WebCodePoet

    I use latest Plesk Obsidian, and this does not work.

    0

Please sign in to leave a comment.