-
if do this then let's do it right and use Http strict transport security
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
and use the recommendation from owasp
https://www.owasp.org/i…
-
## Summary
As we are already serving websites in HTTPS, it is recommended to support HSTS (HTTP Strict Transport Security). [Secure your site with HTTPS](https://support.google.com/webmasters/a…
-
I have 3 sites with the same exact Nginx + SSL configuration. I was able to submit two of them, while on the third one I always get the same error:
```
Error: Error following redirects
Redirect e…
ghost updated
6 years ago
-
See these SSL scan results:
https://www.ssllabs.com/ssltest/analyze.html?d=peertube.video
https://www.ssllabs.com/ssltest/analyze.html?d=peertube.mastodon.host&s=163.172.7.58
I had the same error…
-
What TLS versions and ciphers does the HSTSpreload client support??
Our servers have an A+ SSL rating with the Qualys SSL labs test, but hstspreload.org can't connect to it.
Error from hstspreol…
-
### Steps to reproduce
1.make openwrt v18.06.1 with php7.2 all depends package and nginx,sqlite3db
2. put setup_nextcloud.php and nc.zip to /www
3. do setup_nextcloud.php an install nextcloud14
…
-
It'd be nice if PRISM Break was on the HSTS preload list. https://hstspreload.org/
/cc @nylira
-
I use the [HTTPS Everywhere](https://www.eff.org/https-everywhere) extension from the EFF, with the option to block all unencrypted requests turned on. This is normally not a big problem, because all …
-
Hi! Would it be possible to implement HSTS switch or field to set?
`Strict-Transport-Security: max-age=63072000; includeSubDomains; preload`
I registered my site on the HSTS pre-load list (https://h…
-
Hi,
I've just scanned https://www.bonnieradvocaten.nl and under the [third party tab ](https://observatory.mozilla.org/analyze/www.bonnieradvocaten.nl#third) more specifically under "hstspreload.or…