Warning: count(): Parameter must be an array or an object that implements Countable in /www/wwwroot/blog.cloudwai.com/usr/plugins/AMP/Action.php on line 388
Enable HSTS for your website and specify https access to your website in browser’s built-in rules

云外博客 | 步入云端探索未知奥秘

Enable HSTS for your website and specify https access to your website in browser’s built-in rules

Understanding HSTS, when a visitor enters a site without declaring a protocol the http protocol is used by default, and only thereafter does the web server redirect them to the https URL.

There is a hidden danger included here, as the first access is unencrypted, which is clearly not conducive to protecting the privacy of visitors.

HSTS will tell the browser to force all subsequent access to use the https protocol.

Audited sites can also be built directly into mainstream browser rules, forcing TLS encryption for browsing even if that visitor has never opened your site.

Submit a request: https://hstspreload.org

Websites that use cloudflare can easily turn on HSTS.

当前页面是本站的「Google AMP」版。查看和发表评论请点击:完整版 »

因本文不是用Markdown格式的编辑器书写的,转换的页面可能不符合AMP标准。