Secure connection upgrade not enforced.

<h3 id="issue-16">Issue</h3>
                  <p><span class="capitalize">security</span>: HTTP Strict Transport Security (HSTS)</p>
                  <h3 id="error-16">Error</h3>
                  <p class="bug-title">Secure connection upgrade not enforced.</p>
                  <h3 id="why-is-this-a-problem-16">Why is this a problem</h3>
                  <p> HSTS is a security feature that ensures a website is only accessible over HTTPS. It helps to prevent man-in-the-middle attacks, such as protocol downgrade attacks, by enforcing that browsers always communicate with the server over a secure connection. Without HSTS, an attacker could intercept traffic on a non-secure connection and compromise user data.</p>
                  <h3 id="prevalence-2">Prevalence</h3> <p>This is a sitewide issue</p>
                  <h3 id="description-16">Description</h3>
                  <p>Site upgrades to a secure connection.</p>
                  <h3 id="documentation-16">Documentation</h3>
                     <p><a href="https://docs.scangov.org/hsts">ScanGov HTTP Strict Transport Security (HSTS) docs</a></p><p><a href="https://docs.scangov.org/21st-century-idea">21st Century Integrated Digital Experience Act</a></p><p><a href="https://docs.scangov.org/cisa-web-security">CISA Website Security</a></p><p><a href="https://docs.scangov.org/cybersecurity-performance-goals">CISA Cybersecurity Performance Goals</a></p>     <p></p>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Secure connection upgrade not enforced. #6

Issue

Error

Why is this a problem

Prevalence

Description

Documentation

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Secure connection upgrade not enforced. #6

Description

Issue

Error

Why is this a problem

Prevalence

Description

Documentation

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions