HSTS
HTTP Strict Transport Security: a response header that forces browsers to use HTTPS for a site for a specified duration.
HSTS (HTTP Strict Transport Security) is an HTTP response header that tells the browser "for the next N seconds, always connect to this domain over HTTPS, even if the user types http://." That single rule eliminates the SSL-stripping attack where an on-path adversary downgrades the connection before TLS can engage. The `includeSubDomains` directive extends protection to every subdomain, and the `preload` directive (combined with submission to the HSTS preload list shipped in major browsers) means the first connection is already HTTPS-only. Removing HSTS is hard by design, so deploy with care.
Reference
Related terms
See also
Referenced on
- Choosing the Right TLD for Your Business: .com vs .io vs New gTLDs
- DNS Checker Bot & Scanner Documentation
- DNS Security Dashboard
- HTTP Header Checker
- HTTP Security Headers Analyzer & Generator
- HTTP Status Codes Reference (1xx
- Privacy Policy - DNS Checker
- Redirect Checker
- SSL/TLS Error Codes Reference and Fixes
- The New gTLD Explosion: Over 1,500 Domain Extensions Explained
- Website Reputation Checker