- Login to Zenphoto.
- Install the http_security_headers plugin in the Security category.
- Click the gear icon to change settings.
- Specify HSTS settings:
- Strict-Transport-Security: max-age – how long HSTS should be active in seconds before rechecking its status
- Strict-Transport-Security – includeSubdomains – check to include subdomains
- Strict-Transport-Security – preload – check to submit your domain to the preload list
- Click Apply at the bottom.
To better secure your image galleries, configure Content Security Policy (CSP) in Zenphoto and check out our managed VPS Hosting.