9 comments

• Roy Bowen commented  ·  November 24, 2020 8:19 AM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  Adding the HSTS setting manually is cumbersome. It would be a great addition to configure via the server admin console.

  Save Submitting...
• Rhianne Jhane commented  ·  August 28, 2019 12:08 PM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  I just thought it may be an idea to post incase anyone else was having problems researching but I am a little unsure if I am allowed to put names and addresses on here.

  www.gumawawebsite.blogspot.com

  Save Submitting...
• Justin Edelson commented  ·  April 29, 2019 6:55 AM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  Any updates on this?

  Save Submitting...
• Anonymous commented  ·  April 16, 2018 10:08 AM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  This 2016 article states that 95% of HTTPS servers are vulnerable to trivial MITM (man-in-the-middle) attacks: https://news.netcraft.com/archives/2016/03/17/95-of-https-servers-vulnerable-to-trivial-mitm-attacks.html

  You can determine if your CW site implements HSTS by running this scan: https://www.ssllabs.com/ssltest/index.html

  Under Protocol Details, Strict Transport Security (HSTS) should be Yes.

  Are there any downsides to implementing HSTS? What are the HSTS pros and cons?

  Save Submitting...
• Sam commented  ·  April 11, 2018 4:48 AM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  Bump. This would be extremely valuable.

  Save Submitting...
• Sam commented  ·  October 23, 2017 3:30 AM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  This is really needed.

  Save Submitting...
• Anonymous commented  ·  October 19, 2017 2:42 AM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  +1

  With Google rank at stake this is now a dealbreaker
  WPEngine do it
  Greenhost do it

  Save Submitting...
• Robert commented  ·  October 5, 2017 9:19 PM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  Another vote here! UP

  Save Submitting...
• Anonymous commented  ·  August 31, 2017 6:47 PM  ·  Flag as inappropriateFlag as inappropriate  ·  Edit…  ·  Delete…

  yeah we need it !
  Please reply.

  Save Submitting...