Skip to content

Anonymous

My feedback

1 result found

  1. 38 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    An error occurred while saving the comment
    Anonymous commented  · 

    This 2016 article states that 95% of HTTPS servers are vulnerable to trivial MITM (man-in-the-middle) attacks: https://news.netcraft.com/archives/2016/03/17/95-of-https-servers-vulnerable-to-trivial-mitm-attacks.html

    You can determine if your CW site implements HSTS by running this scan: https://www.ssllabs.com/ssltest/index.html

    Under Protocol Details, Strict Transport Security (HSTS) should be Yes.

    Are there any downsides to implementing HSTS? What are the HSTS pros and cons?

    Anonymous supported this idea  · 

Feedback and Knowledge Base