Question
How to enable OCSP Stapling and HSTS for Plesk interface?
Answer
This functionality is yet to be implemented in Plesk. Vote for the corresponding feature suggestion at UserVoice portal.
Top-ranked suggestions are considered to be included in future Plesk versions.
The following workaround can be applied:
-
Connect to the server using SSH.
-
Open the file
/etc/sw-cp-server/conf.d/ssl.confin text editor and add the following content to it:add_header Strict-Transport-Security "max-age=31536000" always;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8 valid=300s;
resolver_timeout 10s; -
Restart sw-cp-server to apply changes:
# service sw-cp-server restart