Javaslom a HSTS-t, ha ez a terved.
HTTP Strict Transport Security (HSTS) is a simple and widely supported standard to protect visitors by ensuring that their browsers always connect to a website over HTTPS. HSTS exists to remove the need for the common, insecure practice of redirecting users from http:// to https:// URLs.
When a browser knows that a domain has enabled HSTS, it does two things:
- Always uses an
https://connection, even when clicking on anhttp://link or after typing a domain into the location bar without specifying a protocol. - Removes the ability for users to click through warnings about invalid certificates.