No-Encryption-Found/EN/Solution Tips: Unterschied zwischen den Versionen

Aus Siwecos
Wechseln zu: Navigation, Suche
(Die Seite wurde neu angelegt: „max-age=63072000; includeSubdomains; HTTP Strict Transport Security (HSTS) is a web security policy mechanism that is easy to integrate. '''--snip'''<pre>…“)
 
Zeile 4: Zeile 4:
 
'''--snip'''<pre>
 
'''--snip'''<pre>
 
# Activate HTTP Strict Transport Security (HSTS)
 
# Activate HTTP Strict Transport Security (HSTS)
# Required: „max-age“
+
# Required: "max-age"
# Optional: „includeSubDomains“</pre>
+
# Optional: "includeSubDomains"</pre>
   '''Header set Strict-Transport-Security „max-age=31556926, includeSubDomains“'''
+
   '''Header set Strict-Transport-Security "max-age=31556926; includeSubDomains"'''
 
'''--snap'''
 
'''--snap'''
  
 
Here is an example of an .htaccess file which will set the '''HTTP-Security-Header-Scanner''' to green.
 
Here is an example of an .htaccess file which will set the '''HTTP-Security-Header-Scanner''' to green.
 
([[Htaccess|.htaccess-Beispiel]])
 
([[Htaccess|.htaccess-Beispiel]])

Version vom 17. Januar 2019, 14:34 Uhr

max-age=63072000; includeSubdomains; HTTP Strict Transport Security (HSTS) is a web security policy mechanism that is easy to integrate.

--snip

# Activate HTTP Strict Transport Security (HSTS)
# Required: "max-age"
# Optional: "includeSubDomains"
  Header set Strict-Transport-Security "max-age=31556926; includeSubDomains"

--snap

Here is an example of an .htaccess file which will set the HTTP-Security-Header-Scanner to green. (.htaccess-Beispiel)