Tutorial by Examples | RIP Tutorial

HSTS Header

Strict-Transport-Security: max-age=31536000; includeSubDomains Strict-Transport-Security is a promise to the browser that all future requests to this domain will be secure. For the future time period max-age: All outgoing HTTP requests from the browser will be converted to HTTPS on the client...

https • HTTP Strict Transport Security (HSTS)

HSTS preload list

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload HSTS is activated only after a successful HTTPS request to the server with a valid certificate. There is still a risk of a first-time user accessing the site, at which point a Man-in-the-Middle attack is possible. To make th...

https • HTTP Strict Transport Security (HSTS)