HTTP Strict Transport Security (HSTS) is a website security feature that forces web browsers to communicate with servers only through HTTPS connections. HSTS improves security and helps prevents man-in-the-middle attacks, downgrade attacks, and cookie-hijacking.
Cerberus FTP Server supports enabling HSTS via a setting in the HTTPS listener. You can only enable HSTS for listeners that have a valid SSL certificate (an SSL certificate that has been issued by a trusted CA, not a self-signed certificate). The setting will not be visible if you do not have a certificate from a trusted CA in place.
If you have the correct certificate in place, to activate HSTS you can select the desired listener in the 'Interfaces' pane of the Interface Summary page, or by going to 'Server Manager' > 'Listeners' and selecting the interface there. Scroll to the bottom of the listener and select the HSTS setting and press 'Update' to save.
Next, you will need to restart the Cerberus service before the change will take. Close the Cerberus user interface by selecting 'File' > 'Exit' at top left. Open up the Service Control Manager and stop the Cerberus FTP Server Service. You will see “Cerberus FTP Server” listed in the services list. You can access the Service Control Manager by going into the Control Panel, selecting Administrative Tools, and then Services. Once the Service Control Manager is open, right-click on the Cerberus FTP Server service and select Stop.
Finally, restart the Cerberus FTP Server service from the Service Control Panel. Right-click on the service and select Start.