发表新帖
发表新帖

301 Redirect and HSTS in .htaccess

后端 未结
关注
3 1510
栀梦
栀梦 2021-01-14 05:19

I\'ve changed a site to https and have set up a redirect in .htaccess. But I\'ve also set Strict Transport Security. Are both necessary or useful?
3条回答
  • 臣服心动
    臣服心动 (楼主)
    2021-01-14 06:02

    Yes! You should keep both of them. From OWASP docs, there're many benifits to use HSTS. E.g:

    • automatically redirects HTTP requests to HTTPS.

    • prevent user from overridding invalid certificate message.

    0 讨论(0)
 看不清?
提交回复
热议问题