Enable HTTP Strict Transport Security (HSTS) in IIS 7

IIS has the ability to add custom headers to responses. This would seem to be the easiest way to go about it.

According to the documentation on IIS.net you can add these headers through IIS Manager:

  • In the Connections pane, go to the site, application, or directory for which you want to set a custom HTTP header.
  • In the Home pane, double-click HTTP Response Headers.
  • In the HTTP Response Headers pane, click Add… in the Actions pane.
  • In the Add Custom HTTP Response Header dialog box, set the name and value for your custom header, and then click OK.

Related Posts:

  1. applicationhost.config file path in IIS 7, 7.5, 8, 8.5 and IIS 10?
  2. Bad Request – Invalid Hostname IIS7
  3. What is w3wp.exe?
  4. IIS: Where can I find the IIS logs?
  5. The page was not displayed because the request entity is too large on IIS
  6. The page was not displayed because the request entity is too large on IIS
  7. Cannot read configuration file due to insufficient permissions
  8. Cannot read configuration file due to insufficient permissions
  9. How do I resolve “HTTP Error 500.19 – Internal Server Error” on IIS7.0
  10. System.ComponentModel.Win32Exception: Access is denied Error
  11. PHP Fatal error: Call to undefined function mssql_connect()
  12. How to assign permissions to ApplicationPoolIdentity account
  13. What should I do to make sure that IIS does not recycle my application?

Leave a Comment