HTTP Strict Transport Security HSTS [How to Set Up]

preview_player
Показать описание
HTTP Strict-Transport-Security response header (often abbreviated as HSTS) is a header that informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS.

In this video, we will cover the theory and the importance of the header, and how to check on the missing HTTP Strict-Transport-Security.

Why it's important

This method is more secure than simply configuring a HTTP to HTTPS (301) redirect on your server, where the initial HTTP connection is still vulnerable to a man-in-the-middle attack.

How to fix the issue
Add the following directive to HTTP header.

Strict-Transport-Security: max-age=31536000; includeSubDomains

Get more info about this HTTP header in MDN Web Docs.

#hsts #hstscheck #checkHSTS
  1. Sitechecker
  2. HSTS
  3. how to fix hsts
  4. how to fix hsts missing
  5. hsts
  6. hsts error in chrome
Рекомендации по теме
HSTS - HTTP 0:10:29

HSTS - HTTP Strict Transport Security - Protect against SSL Stripping attack - Practical TLS

What is HSTS 0:06:39

What is HSTS (HTTP Strict Transport Security)? HSTS explained simply.

What is HTTP 0:02:49

What is HTTP Strict Transport Security (HSTS)?

How To Fix 0:08:09

How To Fix the “HSTS Missing From HTTPS Server” Error (in 5 Steps)

HTTP Strict Transport 0:02:18

HTTP Strict Transport Security HSTS [How to Set Up]

Fix HSTS Security 0:02:25

Fix HSTS Security Header Missing|HTTP Strict Transport Security HTTPS is not implemented in header

HTTP Strict Transport 0:17:21

HTTP Strict Transport Security (HSTS) and TLS Stripping Explained

What is HSTS 0:01:57

What is HSTS HTTP Strict Transport Security Really Simple SSL

All about HSTS 0:01:53

All about HSTS - HTTP Strict Transport Security | Enable HSTS in Apache Web Server

Mozilla Firefox HTTP 0:01:23

Mozilla Firefox HTTP Strict Transport Security Error FIX (Solved)

Was ist HSTS? 0:09:57

Was ist HSTS? // deutsch

How do I 0:00:34

How do I turn off HTTP Strict Transport Security

How to Add 0:02:05

How to Add HSTS in WordPress | Set HTTP Strict Transport Security Header

HSTS - HTTP 0:06:20

HSTS - HTTP Strict Transport Security - Limitations

How to Fix 0:03:17

How to Fix Strict Transport Security (HSTS) Errors - Easy Tutorial

How To Fix 0:02:14

How To Fix the HSTS Test | HTTP Strict Transport Security | Missing HSTS Header Screaming Frog

How to fix 0:01:19

How to fix - Strict Transport Security Header Missing - vulnerability

What is Strict-Transport-Security 0:10:54

What is Strict-Transport-Security HTTP header?

Server einrichten - 0:05:23

Server einrichten - HSTS HTTP Strict Transport Security für Nginx

How to Fix 0:02:30

How to Fix HTTP Strict Transport Security Error in Mozilla Firefox

WHAT IS HSTS? 0:13:34

WHAT IS HSTS? HTTP STRICT TRANSPORT SECURITY

How to Enable 0:04:47

How to Enable HSTS for your Nginx and Apache Websites

How do Browsers 0:06:21

How do Browsers Force HTTPS with HSTS and How it can prevent SSL Stripping?

How to Setup 0:01:04

How to Setup Strict Transport Security Header on IIS Webserver

Комментарии
Автор

не хватає інформації, де це прописувати

amantesaquarius
Автор

could i use the fix in plain html files? i.e use a <meta> for this fix?

marlonlom