Question
How to enable the HTTP Strict-Transport-Security (HSTS) and OCSP stapling for all domains automatically in Plesk?
Answer
Currently, there is no such functionality in Plesk.
If you would like to see this feature in Plesk, please vote for it on the Plesk UserVoice portal.
As a workaround, it’s possible to automatically enable HSTS for all domains via CLI:
Note: as of now only HTTP Strict-Transport-Security (HSTS) could be enabled for all domains via CLI. OCSP stapling needs to be enabled manually for each domain via Plesk interface as mentioned in this article
- Log in to the server via SSH.
-
Run the command below to generate a list of all domains:
# plesk bin site –list > domains.txt
-
Execute the script below to enable HSTS for all domains from the domains.txt file:Â
# for i in `cat domains.txt`; do plesk ext sslit –hsts -enable -domain $i; done
There is a feature request #EXTSSLIT-1569 for RnD to enable OCSP stapling via CLI.