Yes, LH HSTS is free to use. It is available as a free plugin on WordPress.org.

How many websites use LH HSTS?

LH HSTS has 600 active installations as tracked by WordPress.org.

What are the best LH HSTS alternatives?

Popular alternatives to LH HSTS include Cloudflare, Flexible SSL for CloudFlare, Easy HTTPS Redirection (SSL). You can compare them side-by-side on our comparison pages.

Does LH HSTS work with the latest WordPress?

LH HSTS has been tested up to WordPress 5.4.19. It requires WordPress 3.0+ and PHP false+.

PluginSift

LH HSTS

Name: LH HSTS
Rating: 3.9 (7 reviews)
Author: shawfactor

HSTS is HTTP Strict Transport Security, a means to enforce using SSL even if the user accesses the site through HTTP and not HTTPS.

By shawfactor·Ssl·Free

3.9(7 reviews)

·600 active installs·Updated 5 years ago

Download Visit Homepage Compare

As of April 2026, LH HSTS is a WordPress ssl plugin with 600 active installations and a 3.9/5 rating from 7 reviews. It has been downloaded 350K+ times in total. Requires WordPress 3.0+ and PHP false+. Available on WordPress.org since 2016. Last updated 5 years ago — may have compatibility concerns. Top alternative: Cloudflare.

3.9/57 reviews

600active installs

350K+total downloads

10 yearssince 2016

Overview

This plugin send the proper headers for full ssl security. For more information on what this is and why it is important visit: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

The options are preset to enable browsers to preload the HSTS directive but can be overwritten by filters which are clearly documented in the code.

Did you find this plugin helpful? Please consider writing a review.

To update the max-age settings, add the following code to your functions.php

add_filter('lh_hsts_max_age', 'modify_ls_hsts_max_age_func');

function modify_ls_hsts_max_age_func( $max_age ){
    return false;
}
    `

To update the subdomain settings, add the following code to your functions.php

add_filter(‘lh_hsts_subdomain’, ‘modify_ls_hsts_subdomain_func’);

function…

Read full description on WordPress.org

Ratings & Reviews

3.97 reviews

5 ★

4 ★

3 ★

2 ★

1 ★

Compatibility

WordPress	3.0+ requiredTested up to 5.4.19
PHP	false+ required

Top Alternatives to LH HSTS

Cloudflare

3.5200K+ installsUpdated 3 months ago

View Compare

Flexible SSL for CloudFlare

4.8100K+ installsUpdated 3 months ago

View Compare

Easy HTTPS Redirection (SSL)

4.2100K+ installsUpdated 1 week ago

View Compare

SSL Insecure Content Fixer

4.8100K+ installsUpdated 3 months ago

View Compare

WP Force SSL & HTTPS SSL Redirect

4.790K+ installsUpdated 4 months ago

View Compare

View all ssl plugins →

Frequently Asked Questions

Changelog

1.00 – February 28, 2016

Initial release

View full changelog on WordPress.org

Contributors

Asitha

shawfactor

Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.

LH HSTS

HSTS is HTTP Strict Transport Security, a means to enforce using SSL even if the user accesses the site through HTTP and not HTTPS.

By shawfactor·Ssl·Free

3.9(7 reviews)

·600 active installs·Updated 5 years ago

Download Visit Homepage Compare

3.9/57 reviews

600active installs

350K+total downloads

10 yearssince 2016

Overview

This plugin send the proper headers for full ssl security. For more information on what this is and why it is important visit: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

The options are preset to enable browsers to preload the HSTS directive but can be overwritten by filters which are clearly documented in the code.

Did you find this plugin helpful? Please consider writing a review.

To update the max-age settings, add the following code to your functions.php

add_filter('lh_hsts_max_age', 'modify_ls_hsts_max_age_func');

function modify_ls_hsts_max_age_func( $max_age ){
    return false;
}
    `

To update the subdomain settings, add the following code to your functions.php

add_filter(‘lh_hsts_subdomain’, ‘modify_ls_hsts_subdomain_func’);

function…

Read full description on WordPress.org