This form can be used to remove domains from the HSTS preload list.
If a preloaded site sends a valid HSTS header without the preload directive, it is considered to be requesting removal from the preload list.
In order to be removed from the HSTS preload list through this form, your site must demonstrate the removal request by satisfying the following set of requirements:
- Be preloaded or pending preload through hstspreload.org.
- Serve HTTPS with a valid certificate.
- Send a valid HSTS header.
- The header must not contain the preload directive.
If you completely want to disable HSTS, you can send the following knockout entry:Strict-Transport-Security: max-age=0
If you want to be removed from the preload list but do not completely want to disable HSTS, it is up to you whether you would like remove the includeSubDomains directive or change the max-age value, as long as you remove the preload directive.
If you want to remove a domain that cannot meet these requirements, please contact Lucas Garron and explain your situation.