HSTS (HTTP Strict Transport Security) is a standard used by HTTP client applications to enforce the use of SSL communication between a site and the client. This module adds the appropriate headers to your Drupal site to trigger the HSTS on a supported client.
This module is for users who either can't change the web server configuration to include the necessary headers to enable HSTS or only want those headers for certain sites in a multi-site configuration. If you have the option to use your web server to add and manage the HSTS header data I recommend you do so. It'll save you a little extra PHP processing.
If not, then I hope this module helps you out.
For more information regarding HTTP Strict Transport Security see http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
- Maintenance status: Minimally maintained
- Development status: Maintenance fixes only
- Module categories: Security
- Reported installs: 1,268 sites currently report using this module. View usage statistics.
- Downloads: 10,266
- Automated tests: Enabled
- Last modified: 14 September 2016
- Stable releases for this project are covered by the security advisory policy.
Look for the shield icon below.