Here is a step by step guide to clearing the HSTS settings in your favorite browser.
First off, let us commence with the basics. What is HSTS? It is an acronym for HTTP Strict Transport Security. It enables browsers to get better connections through HTTPS while restricting HTTP connections that are the gateway to most brute attacks by hackers. HTTP websites are being phased out of the scene and swiftly being replaced by HTTPS which is more secure because it uses SSL certificates that are really the backbone of all secure and safe sites.
HSTS is slowly gaining traction by many developers and clients on the web. However, rolling out the entire HSTS protocol on your browser can hamper some errors in your browser in several cases. That is why you need to clear these errors so you can continue enjoying the HSTS settings on your browser. It goes without mentioning that HSTS will aid the SSL certificate in preventing interruption by hackers and even leaking of sensitive information you may be sharing over the web.
This protocol was created to curb a rise in SSL Strip attacks. Hackers had devised a way of downgrading HTTPS connections to HTTP. This caused more websites to get hacked and that is where the HSTS was invented, it works by transmitting a policy to a web page’s header and thus forcing it to create a secure HTTPS connection upon a person paying a visit to the website
Let us now get into the subject matter, here is how to clear HSTS Settings in Chrome and Firefox
Let us start with Chrome
If you have visited a website and it has returned the following statement (NET: ERR_CERT_AUTHORITY _INVALID). If you see this error message in chrome then you have two options, either disable HSTS from your chrome browser or clear the HSTS settings. So here is how to clear the HSTS cache.
- Launch Google Chrome
- Input and search chrome://net-internals/#hsts
- Search to locate the Query HSTS/PKP domain field. Once here, you will be required to enter the domain name of the site you desire to clear the HSTS settings.
- Lastly input the domain name in a section you will see called ‘Delete domain security policies’ and subsequently select the delete option.
In those four easy steps, you will have cleared the HSTS and you can go back to the website and continue surfing the web at your convenience.
In Firefox, do the following:
There are many ways of working around the HSTS error returned by sites from your Firefox browser, below is the easiest way of clearing this type of error.
- Initially, always close any open tabs that may be running
- Open your browsing history
- Search for the site you wish to clear the HSTS settings and click on it
- Lastly, you will right click on it and a small window of options will pop, select the ‘forget about this site’ option
You will have cleared the error in your Firefox browser in four very easy steps.
After reading through the above steps you might be wondering what the factors to consider before rolling out any clearing protocols on the HSTS feature. Here are several factors you could put to account.
- Always ensure you are using an SSL certificate, installing one is very easy and fast. It will protect your site from brute attacks and give you a sense of security as you browse through and even visitors to your site will be more confident to engage with you.
- Utilize 301 redirects. In a nutshell, these are lifesavers because they direct all HTTP pages to secure HTTPS pages.
- Make use of wildcard certificates if you have subdomains. It secures your site using just one certificate. They are very economical and safe to use.
- Roll out subdomain and preload headers, these will serve to getting a HSTS preload list before clearing any errors that may come.
Those are important things to consider before carrying out any clearing. You should also note that in Firefox, once you forget about the site, you will lose all data you had shared with the site.
It is also important to stress on the importance of SSL certificates on your website. They are very crucial in implementing safe browsing and safe engaging with clients on your site.
As its evident now, HSTS Settings are a necessity in preventing intruders from getting to you. They beef up your security especially for ecommerce stores that have payment gateways, they are recommended for your everyday use.
HSTS is a good thing but may be occasionally marred with errors, these are errors and very easy to clear and, in the end, it will be worth it once you clear or delete this error. Try this out today!
- HOW HASHING ALGORITHMS WORK
- ERR_CONNECTION_REFUSED: SOLUTIONS TO RESOLVE THIS ERROR
- HOW PKI WORKS TOWARDS SECURING YOUR ORGANIZATION?
- STEPS TO RESOLVE THE ‘NET ERR_CERT_AUTHORITY_INVALID’ ERROR IN GOOGLE CHROME
- TOP 5 BEST CHEAPEST WILDCARD SSL CERTIFICATE PROVIDERS
- TOP 6 BEST SSL CERTIFICATE PROVIDERS [NEW LIST]