by Kimloo » 05 Mar 2017, 15:16
Your site works great using HTTPS... so why not default to doing that? Your site gets an "A" rating for the way you have implemented HTTPS, see for yourself:
https://www.ssllabs.com/ssltest/analyze ... wz2100.net
You can use HSTS to make your site visitors web browsers automatically connect to your web server via HTTPS protocol even if they click on a HTTP link to get there. All you have to do is add the following line to your web servers headers:
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Once you do that, then go to this page and add your domain name to the list for HSTS preloading in people's web browsers:
https://hstspreload.org/
You can read all about how to implement HSTS on your website on this page:
https://https.cio.gov/hsts/
.
Your site works great using HTTPS... so why not default to doing that? Your site gets an "A" rating for the way you have implemented HTTPS, see for yourself:
https://www.ssllabs.com/ssltest/analyze.html?d=wz2100.net
You can use HSTS to make your site visitors web browsers automatically connect to your web server via HTTPS protocol even if they click on a HTTP link to get there. All you have to do is add the following line to your web servers headers:
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Once you do that, then go to this page and add your domain name to the list for HSTS preloading in people's web browsers:
https://hstspreload.org/
You can read all about how to implement HSTS on your website on this page:
https://https.cio.gov/hsts/
.