HSTS headers (Strict Transport Security) are a huge security win since the web becomes more and more encrypted (thanks to letsencrypt,.com)


Now,  we are owning a lot of servers, from time to time we are facing the issue, that we can not access a site since we made several tests on it.

we got an error message saying

Your connection is not private

Attackers might be trying to steal your information from www.yoursite,com (for example, passwords, messages, or credit cards). Learn more



To bypass this warning you just can enter „badidea“ somewhere within your browser window (no, not the address field), saying the above error.

Chrome will then let you bypass the warning and access the site.


Update to Chrome 65:

The new bypass keyword is now thisisunsafe