HTTP<\/a>\u00a0Strict Transport Security<\/b>\u00a0(HSTS<\/b>) is a web security policy mechanism that helps to protect websites against\u00a0protocol downgrade attacks<\/a>\u00a0and\u00a0cookie hijacking<\/a>. It allows web servers to declare that web browsers (or other complying user agents) should interact with it using only secure\u00a0HTTPS<\/a>\u00a0connections,\u00a0and never via the insecure HTTP protocol.<\/p>\n In order for HSTS to function, you must have:<\/p>\n HSTS can be set up on a domain by adding the following code to the .htaccess file<\/a> of the domain:<\/p>\n What is HSTS? HTTP\u00a0Strict Transport Security\u00a0(HSTS) is a web security policy mechanism that helps to protect websites against\u00a0protocol downgrade attacks\u00a0and\u00a0cookie hijacking. It allows web servers…<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"lsx_disable_title":"0","_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","footnotes":""},"categories":[168,166],"tags":[24165],"topics":[10377],"class_list":["post-25211","post","type-post","status-publish","format-standard","hentry","category-managing-website","category-website","tag-hsts","topics-website-security"],"acf":[],"additional_meta":{"category_title":[{"term_id":168,"name":"Managing your Website","slug":"managing-website","term_group":0,"term_taxonomy_id":168,"taxonomy":"category","description":"Managing your Website","parent":166,"count":52,"filter":"raw","term_order":"83","cat_ID":168,"category_count":52,"category_description":"Managing your Website","cat_name":"Managing your Website","category_nicename":"managing-website","category_parent":166},{"term_id":166,"name":"Website","slug":"website","term_group":0,"term_taxonomy_id":166,"taxonomy":"category","description":"About your Website(s)","parent":0,"count":169,"filter":"raw","term_order":"120","cat_ID":166,"category_count":169,"category_description":"About your Website(s)","cat_name":"Website","category_nicename":"website","category_parent":0}],"tag_title":[{"term_id":24165,"name":"HSTS","slug":"hsts","term_group":0,"term_taxonomy_id":24165,"taxonomy":"post_tag","description":"","parent":0,"count":1,"filter":"raw","term_order":"94"}]},"featured_image_src":null,"author_info":{"display_name":"marketing","author_link":"https:\/\/xneelo.co.za\/help-centre\/author\/marketing\/","author_avatar":"https:\/\/secure.gravatar.com\/avatar\/a6ea315e112423b2b955cb020fbce2b0835956c6ad85ff0f13f1db298977eaaa?s=96&d=mm&r=g"},"_links":{"self":[{"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/posts\/25211","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/comments?post=25211"}],"version-history":[{"count":0,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/posts\/25211\/revisions"}],"wp:attachment":[{"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/media?parent=25211"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/categories?post=25211"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/tags?post=25211"},{"taxonomy":"topics","embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/topics?post=25211"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}What is required?<\/h2>\n
\n
How to activate<\/h2>\n
Header <\/span>set <\/span>Strict<\/span>-<\/span>Transport<\/span>-<\/span>Security<\/span> \"max-age=31536000; includeSubDomains; preload\"<\/span> env<\/span>=<\/span>HTTPS<\/span><\/pre>\n","protected":false,"plain":"What is HSTS?<\/h2>\r\nHTTP<\/a>\u00a0Strict Transport Security<\/b>\u00a0(HSTS<\/b>) is a web security policy mechanism that helps to protect websites against\u00a0protocol downgrade attacks<\/a>\u00a0and\u00a0cookie hijacking<\/a>. It allows web servers to declare that web browsers (or other complying user agents) should interact with it using only secure\u00a0HTTPS<\/a>\u00a0connections,\u00a0and never via the insecure HTTP protocol.\r\n
What is required?<\/h2>\r\nIn order for HSTS to function, you must have:\r\n
\r\n \t
How to activate<\/h2>\r\nHSTS can be set up on a domain by adding the following code to the .htaccess file<\/a> of the domain:\r\n
Header <\/span>set <\/span>Strict<\/span>-<\/span>Transport<\/span>-<\/span>Security<\/span> \"max-age=31536000; includeSubDomains; preload\"<\/span> env<\/span>=<\/span>HTTPS<\/span><\/pre>"},"excerpt":{"rendered":"