Skip to content

HSTS

Jump to bottom
Kubik2000 edited this page Nov 6, 2019 · 2 revisions

HTTP Strict Transport Security lets a web site inform the browser that it should never load the site using HTTP and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead.

Links:

PHP / Apache

<IfModule mod_headers.c>
  Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
</IfModule>

Home

Default checks

html

CSS

HTML

Image

JavaScript

security

Cookies

Content Security Policy

Fingerprint

HSTS

HTTPS

X Frame Options

X XSS Protection

Clone this wiki locally