Add HSTS in Zenphoto

The HTTP Strict Transport Security (HSTS) HTTP header ensures web browsers always load your image gallery with HTTPS. After you force SSL usage, follow below to add HSTS in Zenphoto.

Warning: Once enabled, HSTS disallows the user from overriding an invalid or self-signed certificate message. Your website will be inaccessible without a valid SSL.


  1. Login to Zenphoto.
  2. Install the http_security_headers plugin in the Security category.
  3. Click the gear icon to change settings.
  4. Specify HSTS settings:
    Strict-Transport-Security: max-age – how long HSTS should be active in seconds before rechecking its status
    Strict-Transport-Security – includeSubdomains – check to include subdomains
    Strict-Transport-Security – preload – check to submit your domain to the preload list
  5. Click Apply at the bottom.
Enable for 10886400 seconds (126 days) and on subdomains

To better secure your image galleries, configure X-Frame-Options in Zenphoto and check out our managed VPS host.

InMotion Hosting Contributor
InMotion Hosting Contributor Content Writer

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting

Was this article helpful? Join the conversation!

Shop the Black Friday Sale
Hurry! These Deals Won't Last Long