Enable HTTP Strict Transport Security

If FileMaker Server has a valid SSL certificate, HTTP Strict Transport Security (HSTS) restricts web clients to HTTPS connections. Once a web client connects to FileMaker Server via HTTPS with HSTS, the web browser prevents the client from using an HTTP connection for content hosted by FileMaker Server.

HSTS is enabled in FileMaker Server when you import a custom SSL certificate.

Notes 

  • HSTS is always enabled in FileMaker Cloud.

  • macOS: In FileMaker WebDirect, when HSTS is enabled, make sure that custom homepages and custom web content are hosted in the Web Publishing Engine HTTPS directory.