freeCodeCamp/guide/english/certifications/information-security-and-quality-assurance/information-security-with-helmetjs/ask-browsers-to-access-your-site-via-https-only-with-helmet.hsts/index.md

title
Ask Browsers to Access Your Site via HTTPS Only with helmet.hsts()

Ask Browsers to Access Your Site via HTTPS Only with helmet.hsts()

Hint

• You want your app to use helmet's hsts() method.
• Don't forget to give the methed the appropriate maxAge and force configurations.

Solution

• In the myApp.js file, create a variable to use for the maxAge configuration by adding var ninetyDaysInMilliseconds = 90*24*60*60*1000; under the seventh instructions.
• Then, on the next line add app.use(helmet.hsts({ maxAge: ninetyDaysInMilliseconds, force: true }));.

Note: Be sure to submit the link to the live demo of your project.