1
 min read

Strict-Transport-Security Header

HTTP Strict Transport Security (HSTS).

Summary

HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standard track protocol and is specified in RFC 6797.

Solution

Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.

References

Secure Your Startup. Today.

We make your startup secure and compliant by implementing and managing the security controls your customers require.

Get Started