No-Encryption-Found/EN/Solution Tips

Aus Siwecos
Wechseln zu: Navigation, Suche

max-age=63072000; includeSubdomains; HTTP Strict Transport Security (HSTS) is a web security policy mechanism that is easy to integrate.


# Activate HTTP Strict Transport Security (HSTS)
# Required: "max-age"
# Optional: "includeSubDomains"
  Header set Strict-Transport-Security "max-age=31556926; includeSubDomains"


Here is an example of an .htaccess file which will set the HTTP-Security-Header-Scanner to green. (.htaccess-Beispiel)