Please enable HSTS

Could you please enable HSTS and add the site to the HSTS-Preload list to prevent MITM-attacks?


There are some items served without HTTPS, but I think we can eliminate them now. I’ll go ahead and add this.

I’ve just set the HSTS for now. I’ll do Preload after it has been stable for a while.

Have it been stable for a while? Because the link i posted in the first post report that HSTS and preload is not active at the moment.

I’ve updated the header to the number of required seconds and preload for I may need to get @fwbarber to update it for

1 Like