Table of Contents
Many people wants to know how to Clear HSTS Settings on any Web Browser. HSTS has the ability to make the Internet safer by adding another layer of security. With this extra protection, hackers and other cyberattacks can’t get into a business’s web infrastructure, and the data can’t be stolen. But there is one big problem with HSTS. It sometimes causes browser problems because of how it’s put together. Don’t worry, though; fixing this mistake on different browsers is not as hard as you might think.
Many coders and clients on the web are slowly starting to use HSTS. But putting the whole HSTS protocol on your computer can sometimes make it harder to fix errors in your browser. That’s why you need to fix these problems so you can keep using your browser’s HSTS settings. It goes without saying that HSTS will help the SSL certificate stop hackers from interfering and even stop private information you might be sharing over the web from getting out. We mentioned below are the step how to Clear HSTS Settings on any Web Browser.
What Are HSTS Settings and Why Clear Them?
HTTP Strict Transport Security (HSTS) is a security feature for the web that helps browsers make connections using HTTPS and limits HTTP connections that are not safe. The main reason the HSTS mechanism was made was to stop SSL Strip attacks, which can turn secure HTTPS links into less secure HTTP connections. The name for HSTS is “HTTP Strict Transport Security.”
It is a web security policy that lets websites tell browsers that they can only connect to them safely through HTTPS (HTTP over SSL/TLS) and not through HTTP (which is not encrypted). When a browser visits a website that has HSTS turned on, it saves this setting and automatically sends future requests to the website’s secure HTTPS version. Clearing HSTS settings means turning off the HSTS policy or removing it from a browser or system. This step may be needed in the following situations:
- Testing and Development: During the development process of a website or web app, it may be necessary to turn off HSTS so that different protocols or configurations can be tested and debugged more easily.
- Troubleshooting: If you can’t get to a certain website because of your HSTS settings, you can clear them to fix the problem. If the HSTS policy is set up wrong, computers may block access to a website.
- Privacy and security: Clearing the HSTS settings can be helpful if you want to get rid of any traces or stored information about websites you have viewed. It can help keep you healthy.
Common Reasons to Clear HSTS Settings
- When making changes to a website or testing it: you may need to briefly turn off HTTPS enforcement by clearing the HSTS settings. This lets you try different configurations, protocols, or features without being locked into secure connections.
- Accessing Websites That Can’t Be Reached: If a website’s SSL certificate is incorrect or has expired, or if there are other problems that stop a secure connection, you can use an unencrypted connection to reach the site by clearing the HSTS settings. But you should only do this with care because it could put your info at risk of security problems.
- Fixing problems with HSTS: In some situations, HSTS settings can make it hard to get to some websites or services. For example, if a website hasn’t set up HSTS properly or if there are problems with cached HSTS policies, clearing the settings may help fix the problems and make the website accessible again.
- Privacy and Security: Clearing the HSTS settings can be helpful if you want to get rid of any information that has been saved about the websites you have viewed. By clearing the settings, you get rid of the HSTS data that was saved and could have been used to track or identify the device.
How to Clear HSTS Settings on any Web Browser
Clearing HSTS settings in Chrome
If there is a problem with the HSTS settings in Chrome, an error like “Your connection is not private” will generally show up. If you open the error’s Advanced menu, you’ll probably see a small note about HSTS. It will say something like, “You can’t go to website name because it uses HSTS. Network problems and attacks generally only last a short time, so this page should work again soon. If you want to know more information about this Visit Chrome Official Website for further Support. Follow the steps below to clear the HSTS cookies from your Chrome browser if you’re having the same problem:

- Copy and paste the following into the address bar of Google Chrome: chrome://net-internals/#hsts
- Open the Domain Security Policy.
- In the Query HSTS/PKP domain section, enter the domain you want to clear its HSTS settings.
- A list of numbers will be returned to you.
- Scroll down until you find the Delete domain security policies option.
- Enter the same domain name and click the Delete button to remove the HSTS settings.
- Restart Chrome.
- Try accessing the address whose HSTS settings you cleared earlier.
- If the problem was caused by the HSTS settings, the page should now be accessible.
Clearing or Disabling HSTS settings in Internet Explorer
Since HSTS is an important way to improve security, both Internet Explorer and Microsoft Edge have it turned on by default. Even though Microsoft doesn’t suggest turning off HSTS in their browsers, you can do so in Internet Explorer. Here’s a quick guide on how to do this with Registry Editor:
- Press the Windows key and the letter R to bring up the Run box. Then press Enter after typing “regedit” to open Registry Editor.
- Using the left side of Registry Editor, go to the following registry subkey: HKEY_LOCAL_MACHINE SOFTWARE Microsoft Internet Explorer Main. FeatureControl
- Select New > Key when you right-click on FeatureControl. Name it FEATURE_DISABLE_HSTS and press Enter to make a new key.
- Right-click on FEATURE_DISABLE_HSTS and select New > DWORD (32-bit) value.
- Name the new DWORD iexplore.exe, and then press Enter to confirm.
- Right-click on iexplore.exe and select “Modify.” Type 1 in the box that says “Value,” and then click “OK” to save the changes.
- Use the left pane to find the following registry subkey: HKEY_LOCAL_MACHINE SOFTWARE Wow6432Node Microsoft Internet Explorer Main FeatureControl Enabled.
- Right-click on FeatureControl and choose New > Key. Give it the name FEATURE_DISABLE_HSTS and press Enter to save the changes.
- Right-click on FEATURE_DISABLE_HSTS, choose New > DWORD (32-bit) value, and name it iexplore.exe.
- Double-click on iexplore.exe, change the Value data box to 1, and then click OK to save the changes.
- Restart your computer and check to see if the HSTS settings for Internet Explorer have been turned off when it starts up again.
Clearing or Disabling HSTS settings in Firefox
Clearing the Settings by Forgetting the Website
- Open Firefox and ensure that every tab and pop-up window that is open is closed.
- To open the Library menu, press Ctrl + Shift + H (or Cmd + Shift + H on a Mac).
- Find the site whose HSTS settings you want to delete. Use the search bar in the top right area to make things easier for yourself.
- Once you find the site whose HSTS settings you want to clear, right-click on it and choose “Forget About this Site.” This will clear the HSTS settings and any other data that has been cached for this site.
- Start Firefox up again and check to see if the problem is gone. If the problem was with HSTS, you should now be able to use the service as usual.
Clearing HSTS by clearing Site Preferences
- Open Firefox.
- Click on the Library icon.
- Go to History.
- Click on Clear Recent History.
- Set Everything in the Time range to clear drop-down choice in the Clear All History window.
- Next, expand the Details menu.
- Remove every option except Site Preferences.
- Click the Clear Now button to get rid of all site settings, including the HSTS settings.
- Restart Firefox.
- See if the problem is still there when it starts up again.
Questions and Answers
HSTS errors can’t be worked around like other HTTPS problems can. This is because the browser has been told very clearly by the browser to only allow safe connections.
In the example above, the browser will keep the HSTS policy for 1 year. When a browser sees the header again, the policy is updated. If a person visits https://github.com at least once a year, they will always be protected by HSTS.
Man-in-the-middle attacks that strip SSL and weaken cookie-hijacking defences are possible without HSTS. Man-in-the-middle attacks and cookie-hijacking defences are both weakened.
If a user hits on a http:// link or types in a http:// URL, HSTS makes the browser change the URL to https:// before starting the connection. Because of this, HSTS is necessary to stop downgrade attacks, even if the server doesn’t allow plain HTTP connections.