What is HSTS?

May 13, 2022

HSTS, or HTTP Strict Transport Security, is a mechanism that protects website visitors by ensuring browsers always use HTTPS for the connection. The Strict-Transport-Security response header instructs browsers to use only HTTPS to access a website and to avoid HTTP for any subsequent connection for a set amount of time, e.g., one year.

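HSTS reduces the chance of successful man-in-the-middle attacks by skipping redirections from HTTP to HTTPS: a browser that already holds the policy does not send the plain-HTTP request that an attacker could otherwise intercept. Even if a visitor tries to access a website over HTTP, HSTS instructs the browser to use HTTPS for the interaction.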


Anastazija Spasojevic
Anastazija is an experienced content writer with knowledge and passion for cloud computing, information technology, and online security. At phoenixNAP, she focuses on answering burning questions about ensuring data robustness and security for all participants in the digital landscape.