No-Encryption-Found/EN/Solution Tips: Unterschied zwischen den Versionen
(Die Seite wurde neu angelegt: „max-age=63072000; includeSubdomains; HTTP Strict Transport Security (HSTS) is a web security policy mechanism that is easy to integrate. '''--snip'''<pre>…“) |
|||
| (5 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
| + | If the connection to your page is not encrypted, all communication between your site and its users can be intercepted and manipulated. | ||
| + | |||
max-age=63072000; includeSubdomains; | max-age=63072000; includeSubdomains; | ||
HTTP Strict Transport Security (HSTS) is a web security policy mechanism that is easy to integrate. | HTTP Strict Transport Security (HSTS) is a web security policy mechanism that is easy to integrate. | ||
| − | + | # Activate HTTP Strict Transport Security (HSTS) | |
| − | # Activate HTTP Strict Transport Security (HSTS) | + | # Required: "max-age" |
| − | # Required: | + | # Optional: "includeSubDomains"</pre> |
| − | # Optional: | + | '''Header set Strict-Transport-Security "max-age=31556926; includeSubDomains"''' |
| − | |||
| − | |||
| − | Here is an example of an .htaccess file which will set the ''' | + | Here is an example of an .htaccess file which will set the '''Header Scanner''' to green. |
| − | ([[Htaccess|.htaccess | + | ([[Htaccess/EN|.htaccess example]]) |
Aktuelle Version vom 4. April 2019, 12:14 Uhr
If the connection to your page is not encrypted, all communication between your site and its users can be intercepted and manipulated.
max-age=63072000; includeSubdomains; HTTP Strict Transport Security (HSTS) is a web security policy mechanism that is easy to integrate.
# Activate HTTP Strict Transport Security (HSTS) # Required: "max-age"
# Optional: "includeSubDomains"
Header set Strict-Transport-Security "max-age=31556926; includeSubDomains"
Here is an example of an .htaccess file which will set the Header Scanner to green. (.htaccess example)
