HSTS Emergency Procedures
HSTS Emergency Procedures
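If HSTS causes issues, have rollback procedures ready. Note that a `max-age=0` header only clears the policy in browsers that can still load the site over a valid HTTPS connection (browsers ignore the header on plain HTTP responses), and it does not remove a domain from browser preload lists: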
// HSTS kill switch
//
// Middleware that sets the Strict-Transport-Security header on every response.
// When the HSTS_DISABLED environment variable is exactly the string 'true',
// it sends max-age=0, which tells a browser to forget its stored HSTS policy
// for this host. Otherwise it sends the normal one-year policy.
//
// Operational caveats:
//  - Browsers honour this header only on responses received over HTTPS, so the
//    kill switch helps only clients that can still complete a valid TLS
//    connection to the site.
//  - max-age=0 does not affect hosts that are on a browser preload list.
//  - process.env is populated at process start; unless something in-process
//    changes it, flipping the switch means restarting with the new value.
app.use((req, res, next) => {
  const killSwitchOn = process.env.HSTS_DISABLED === 'true';

  // 31536000 seconds = 365 days; 0 expires the stored policy immediately.
  const policy = killSwitchOn ? 'max-age=0' : 'max-age=31536000';

  res.setHeader('Strict-Transport-Security', policy);
  next();
});
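// Monitoring for HSTS issues
//
// Accepts client-submitted reports of HSTS-related breakage, logs them, and
// pages on-call when the recent report count passes a threshold.
//
// As written, the route has no authentication, so every body field is
// untrusted input. The handler therefore:
//  - tolerates a missing body (no parser ran, or an empty POST) instead of
//    throwing on destructuring;
//  - logs only scalar values, with control characters stripped and length
//    capped, so a report cannot forge extra log lines or bloat the log;
//  - records a server-side receive time, because the client-supplied
//    timestamp cannot be relied on during analysis.
//
// NOTE(review): anyone who can reach this route can push the count past the
// threshold and trigger alertOncall on every further request. Put a rate
// limit in front of it and confirm that alertOncall de-duplicates.
app.post('/hsts-issue-report', (req, res) => {
  const { userAgent, issue, timestamp } = req.body || {};

  // Reduce an untrusted value to a bounded, single-line string.
  // Objects and arrays are dropped rather than stringified.
  const toLogField = (value, maxLength) => {
    const kind = typeof value;
    if (kind !== 'string' && kind !== 'number' && kind !== 'boolean') {
      return undefined;
    }
    return String(value)
      .replace(/[\u0000-\u001f\u007f]+/g, ' ')
      .slice(0, maxLength);
  };

  // Log issue for analysis
  logger.error('HSTS Issue Report', {
    userAgent: toLogField(userAgent, 256),
    issue: toLogField(issue, 1024),
    timestamp: toLogField(timestamp, 64),
    receivedAt: new Date().toISOString(),
    ip: req.ip
  });

  // Alert if threshold exceeded
  if (getRecentIssueCount() > 10) {
    alertOncall('High HSTS issue rate detected');
  }

  res.json({ reported: true });
});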