HSTS (Strict Transport Security)
Hi,
Do you support HSTS (Strict Transport Security) in the future? Maybe it will add more security.
Pseric
shared this idea
-
Mohamed
commented
There is an article written by CloudWays to do it manually, but since how crucial it is for SEO, there should be a switch to turn it on in the SSL Tab of each application!
Come on guys, this is a one day job! Lets get it done please -
Roy Bowen
commented
Adding the HSTS setting manually is cumbersome. It would be a great addition to configure via the server admin console.
-
Rhianne Jhane
commented
I just thought it may be an idea to post incase anyone else was having problems researching but I am a little unsure if I am allowed to put names and addresses on here.
-
Justin Edelson
commented
Any updates on this?
-
Anonymous
commented
This 2016 article states that 95% of HTTPS servers are vulnerable to trivial MITM (man-in-the-middle) attacks: https://news.netcraft.com/archives/2016/03/17/95-of-https-servers-vulnerable-to-trivial-mitm-attacks.html
You can determine if your CW site implements HSTS by running this scan: https://www.ssllabs.com/ssltest/index.html
Under Protocol Details, Strict Transport Security (HSTS) should be Yes.
Are there any downsides to implementing HSTS? What are the HSTS pros and cons?
-
Sam
commented
Bump. This would be extremely valuable.
-
Sam
commented
This is really needed.
-
Anonymous
commented
+1
With Google rank at stake this is now a dealbreaker
WPEngine do it
Greenhost do it -
Robert
commented
Another vote here! UP
-
Anonymous
commented
yeah we need it !
Please reply.