I have manage to find a web page that has a "A+" grade on ssllabs.com/ssltest. I see this web page is supporting HTTP Strict Transport Security (= HSTS) https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Just wondering on my web page using Apache 2.4.x with openssl 1.0.1e I have disabled http protocol on port 80 (added comment: #Listen 80 in httpd.conf Apache httpd file) and I have only 443 port with TLS trafic enabled (one of internal web servers that are accessed using a link from another web page - so no need for http/80 port to be enabled). Would I benefit of still enabling HSTS despide port http/80 is disable? Is there some threat that I can prevent using HSTS. Reading on Wikipedia (above link) I also see HSTS prevents man-in-the-middle attack in a way web browser prevents accepting self-signed certificated that may be offered by attacker. What are recommendations, should I bother to set-up HSTS on Apache or not?
P.S. May I also suggest to move "Documentation" link from Summary section to bellow the Summary section and maybe just use white background instead of light-orange.