Salesforce B2C Commerce 24.7 > Administering Your Organization > Site Preferences > Embedded CDN

Manage HSTS

HTTP Strict Transport Security (HSTS) secures your site by instructing web browsers to access your domain using only HTTPS.

  • Configure HSTS
    HTTP Strict Transport Security (HSTS) secures your site by instructing web browsers to access your domain using only HTTPS. HSTS prevents attackers from using downgrade attacks against your site. For extra security, enable preload, which forces web browsers to open your site in HTTPS the first time it's requested. Read the IETF on HSTS for more information.
  • Disable HSTS
    Disabling HSTS is a two-step process. You first let shoppers access your site using an insecure connection and then, stop your site from sending HSTS in the header.

Infocenter Retirement: On June 30, 2023, the Infocenter was retired, and documentation currently hosted on the Infocenter will be published to Salesforce Help, Commerce Cloud Developer Center, and Salesforce B2C Commerce Developer Documentation Resources. For more information, see the release note.