Posted inPersonal Programming Tech
what is HSTS protocol?
HSTS, or HTTP Strict Transport security header(Strict-Transport-Security) is set on your domain, a browser will do all requests to your site over https from then onwards. In case when a hacker is redirecting this user to a fake domain.com, the browser remembers to use SSL because of the HSTS, so requests the secure site. Browser needs to visit your site first to see this header, this will be active only after the first visit. Why HSTS? You can set SSL certificate on your domain, anyone can still use your site over http. The simplest solution is to add a redirect…
 

 
					

