• Secure Your Website with HSTS

    This post was originally published on the CA Security Council blog. Is your website secure? One thing to consider is securing your website with HTTP Strict Transport Security (HSTS). Implementation of HSTS is an extension of the Always-On SSL policy. For each website you want to protect with HSTS, you must first deploy an SSL/TLS certificate (if you haven’t already), and

        in SSL
  • HSTS RFC Finalized

    HTTP Strict Transport Security (HSTS) has been finalized and published as RFC 6797. The purpose of HSTS is to allow a website to declare to complying users’ agents that they should interact with it using a secure connection such as HTTPS. In order to implement HSTS, a website must have a statement in its header, such as: Header always set Strict-Transport-Security

        in Secure Browsing, SSL, SSL Deployment