Total 10 Posts

Issuing HSTS policy in PHP

HSTS is a great way of protecting visitors to your website by ensuring their browser only uses a secure connection to communicate. If you use shared hosting and don't have access to change the header configuration, or you simply want to test HSTS without enabling it site wide, you can…

Continue Reading

Manually enforcing HSTS in Google Chrome

HSTS Policies are usually distributed by a web server as a HTTP Response Header. Whilst some sites enforce HTTPS by issuing a redirect, many do not implement HSTS and leave the user vulnerable to a MiTM attack. HSTS Policies can be added to Google Chrome manually, by the user, to…

Continue Reading