HTTP Strict Transport Security

HTTP Strict Transport Security (often abbreviated as HSTS) is a mechanism websites can use to inform browsers that the site should only be accessed using HTTPS, and that any future attempt to access it using HTTP should automatically be converted to HTTPS. This protects users in hostile network environments (e.g., coffee shops).

You should use the HSTS header to protect the privacy of your users and keep them from being redirected to a fake site.

Many organizations fail to configure HSTS correctly and do not benefit from the increased security they would achieve with a small configuration change.

DomainProactive verifies that your website has an HSTS header and notifies you if a change is made that disables HSTS. This is valuable for ensuring that your users are not spied on or redirected to a site posing as yours.
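A check of the kind described above, covering both a missing header and a misconfigured one, can be sketched as follows. This is an added example, not DomainProactive's code: the function names, the one-year max-age floor and the sample headers are assumptions, and the parsing rules follow RFC 6797.

```python
# Added example: evaluate a Strict-Transport-Security header value (RFC 6797).
# Function names and the one-year threshold are assumptions for illustration.
import re

MIN_MAX_AGE = 31536000  # assumed policy floor: one year, in seconds


def parse_hsts(value):
    """Parse a header value into {directive: value}; raise ValueError if malformed."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue  # the RFC 6797 grammar allows empty directives
        name, _, arg = part.partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if name in directives:
            raise ValueError("duplicate directive: " + name)
        directives[name] = arg.strip().strip('"')  # value may be a quoted-string
    if not re.fullmatch(r"[0-9]+", directives.get("max-age", "")):
        raise ValueError("max-age is required and must be a non-negative integer")
    return directives


def check_hsts(headers, scheme="https"):
    """Return findings for one response (header names matched case-insensitively)."""
    value = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security")
    if value is None:
        return ["missing: no Strict-Transport-Security header"]
    if scheme != "https":
        return ["ignored: browsers discard HSTS received over plain HTTP"]
    try:
        d = parse_hsts(value)
    except ValueError as exc:
        return ["invalid: %s" % exc]
    findings = []
    max_age = int(d["max-age"])
    if max_age == 0:
        findings.append("disabled: max-age=0 tells browsers to drop the policy")
    elif max_age < MIN_MAX_AGE:
        findings.append("weak: max-age %d is below %d" % (max_age, MIN_MAX_AGE))
    if "includesubdomains" not in d:
        findings.append("note: includeSubDomains not set; subdomains are not covered")
    return findings


# Constructed sample responses (not captured from a real site).
GOOD = {"Strict-Transport-Security": "max-age=63072000; includeSubDomains"}
OFF = {"strict-transport-security": "max-age=0"}
```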