Updated on Apr 30, 2018
If you encounter an issue with HSTS before you add it to the preload list and cannot access your website fully due to reasons like expired SSL certificate or mixed content, you can disable HSTS in order to load the website and find a resolution for your issue.
The actual disabling of the tag is easy and can be done by changing the max-age directive from 31536000 to 0 which will make it expire at the moment it activates. For more information on how to find and edit the .htaccess file and the header, please check our initial tutorial called How to Enable HSTS.
This only change the max-age is better than just removing the entire header from your .htaccess file since when the tag was first read and cached by the browser it, the max age was applied, and the browser was instructed to cache this header for that period. By changing the max-age to 0, you are re-instructing the browser to essentially neglect the entire header without further caching.
However, as browsers were updated with HSTS in mind, some of them will still have the header's instructions saved in them, which will require you to remove it manually.
Chrome
Your browser will no longer force an HTTPS connection to that site.
Firefox
Then restart Firefox to get the desired result.
Safari
~/Library/Cookies/HSTS.plist
file.Disabling HSTS is not recommended but may be required in some situations. However, you are now aware of how to do this procedure via the header and in 3 of the most used browsers.