I have a cPanel Ultimate Hosting account on Linux. I would like to enable HSTS in the config for my site instead of .htaccess files.
Does Godaddy cPanel hosting support include files and if so where would I place the files and what name would I use.
You cannot enable HSTS with any of our shared hosting accounts. A Virtual Dedicated or Dedicated Server will allow you to enable to do so. Sorry, this isn't something that we support so I don't have much information to provide. Maybe one of our community members can chime in with more information.
You can enable HSTS for hosting accounts using the .htaccess file.
Adding the following in .htaccess file to enableHSTS
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS
Testing with curl confirms that HSTS is enabled
curl -s -D- https://oslinux.net/ | grep Strict
@charminglygeeky do you know if Godaddy supports include files for cPannel accounts?
I am shocked that Godaddy does not enable HSTS on their shared hosting plans. This is a stunning security failure by Godaddy, leaving their clients' shared hosting plans vulnerable to a common and widely known security attack. Lots of other hosting companies routinely offer HSTS enablement. Why cannot Godaddy? More importantly, why will not Godaddy?