Easy to use, effective — yet still severely underused: The HTTP Strict Transport Security header.


Encrypting connections to websites by using HTTPS is an extremely powerful way to increase the security provided to users visiting them. It prevents web traffic from being intercepted, modified, or redirected. It provides a level of authentication. Additionally, it protects the integrity and confidentiality of the data being served.


Stefan Friedli

Infosec professional since 2003. retired DC4131 @a41con organizer. Prodigal pen&paper player, rabid reader, grumpy gym denizen.
