How to Enable HSTS for IIS Manager

HTTP Strict Transport Security (HSTS) configurations are handled via the Internet Information Services (IIS) Manager. Complete the following steps in IIS Manager to enable HSTS:

  1. From the Start menu, search and select the IIS Manager (InetMgr.exe)

Starting IIS Manager (Click image to enlarge)

 

  1. Once IIS Manager is loaded, navigate to the Sites directory located in the Connections panel (left panel):

Navigate to the Site directory - left panel (Click to enlarge)

 

  1. From the Sites directory, locate and select the Default Web Sites:

 

  1. Under the Actions panel (right-side), Click HSTS under the Configure section:

 

  1. Once the HSTS modal is loaded, make sure the Enable checkbox is checked:

 

  1. Once Enable is checked, set Max-Age to the recommended value, 31536000, which is equivalent to the amount of seconds in a year.

 

  1. Click OK to complete and activate the configuration: