AnsweredAssumed Answered

Understanding and fixing Strict-Transport-Security false negative

Question asked by ctemplin on Jan 22, 2013
Latest reply on Jan 24, 2013 by Ivan Ristić

Hello,

According to this report, my site doesn't have Strict-Transport-Security enabled.

 

https://www.ssllabs.com/ssltest/analyze.html?d=lockify.com

 

However, my site's response headers include:

 

Strict-Transport-Security: max-age=15768000; includesubdomains

 

 

 

How can I troubleshoot this to improve the report's accuracy?

 

thanks,

Chris

Outcomes