cPanel & WHM Version 92 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Enable HSTS on cPanel / WHM interface

jcnewton shared this idea 35 days ago
Open Discussion

As a server administrator, I'd like to request a Tweak Setting so that clients can enable HSTS for cpsrvd.


Several clients have reported PCI Compliance failures due to HSTS not being able to be enabled on the cpsrvd ports.


The current Tweak Settings are:

Require SSL for cPanel Services

This option forces the server to redirect unencrypted cPanel, Webmail, WHM, and DAV requests to secure ports according to the SSL redirection settings. If “Choose the closest matched domain for which that the system has a valid certificate when redirecting from non-SSL to SSL URLs” is enabled, the system will redirect to the best matched certificate for the domain. If “Choose the closest matched domain for which that the system has a valid certificate when redirecting from non-SSL to SSL URLs” is disabled, the system will redirect to the https:// URL for the domain, even if no valid certificate exists for the domain.