Wechseln zu: Navigation, Suche

No-Encryption-Found/EN/Solution Tips

82 Bytes hinzugefügt, 12:14, 4. Apr. 2019
keine Bearbeitungszusammenfassung
If the connection to your page is not encrypted, all communication between your site and its users can be intercepted and manipulated.
max-age=63072000; includeSubdomains;
HTTP Strict Transport Security (HSTS) is a web security policy mechanism that is easy to integrate.
'''--snip'''<pre> # Activate HTTP Strict Transport Security (HSTS) # Required: "max-age" # Optional: "includeSubDomains"</pre> '''Header set Strict-Transport-Security "max-age=31556926; includeSubDomains"''''''--snap'''
Here is an example of an .htaccess file which will set the '''HTTP-Security-Header-Scanner''' to green.([[Htaccess/EN|.htaccess example (German only]])