AnsweredAssumed Answered

HTTP Strict Transport Security (HSTS) behavior

Question asked by Mark Flint on Feb 15, 2018
Latest reply on Feb 18, 2018 by Hitoshi Kaneko

I was interested in adding the "HTTP Strict Transport Security (HSTS) behavior to our configurations, BUT there are some seemingly undocumented check-boxes in the behavior that I am not sure about. When I clicked the help (?) icon, I get a general paragraph about what HSTS is, but it does not explain the purpose of the check-boxes, especially the "Preload" check-box.

 

HSTS behavior options

 

Here is the help text that appears if someone clicks the (?) icon:

HTTP Strict Transport Security instructions

 

What does the "Preload" check-box do in this behavior?

 

If I check the "Redirect all HTTP requests to HTTPS" check-box can I eliminate this rule I currently have?

My current HTTP 301 redirect to https rule.

I am thinking I can, but since I am asking questions, I thought I would ask.

Outcomes