HSTS (Strict Transport Security)
Hi,
Do you support HSTS (Strict Transport Security) in the future? Maybe it will add more security.
Pseric
shared this idea
8 comments
-
Rhianne Jhane
commented
I just thought it may be an idea to post incase anyone else was having problems researching but I am a little unsure if I am allowed to put names and addresses on here.
-
Justin Edelson
commented
Any updates on this?
-
Anonymous
commented
This 2016 article states that 95% of HTTPS servers are vulnerable to trivial MITM (man-in-the-middle) attacks: https://news.netcraft.com/archives/2016/03/17/95-of-https-servers-vulnerable-to-trivial-mitm-attacks.html
You can determine if your CW site implements HSTS by running this scan: https://www.ssllabs.com/ssltest/index.html
Under Protocol Details, Strict Transport Security (HSTS) should be Yes.
Are there any downsides to implementing HSTS? What are the HSTS pros and cons?
-
Sam
commented
Bump. This would be extremely valuable.
-
Sam
commented
This is really needed.
-
Anonymous
commented
+1
With Google rank at stake this is now a dealbreaker
WPEngine do it
Greenhost do it -
Robert
commented
Another vote here! UP
-
Anonymous
commented
yeah we need it !
Please reply.