ttttim Posted July 11, 2019 Share Posted July 11, 2019 Someone recently pointed to me that I wasn't using http strict transport security header. From what I've read it forces a connection to https instead of http. Is there a different compared to the use of the default method from the ProcessWire .htaccess? RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] Link to comment Share on other sites More sharing options...
adrian Posted July 11, 2019 Share Posted July 11, 2019 @ttttim - have a read of this: https://processwire.com/blog/posts/pw-3.0.135/#step-4-decide-whether-to-to-enable-hsts-section-9f 4 Link to comment Share on other sites More sharing options...
ttttim Posted July 18, 2019 Author Share Posted July 18, 2019 Thanks for the reply! Link to comment Share on other sites More sharing options...
dragan Posted July 18, 2019 Share Posted July 18, 2019 @ttttim This module was just released yesterday... maybe take it for a test-drive? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now