Bil Corry · Oct 13, 2021 · 5:52 PM UTC

Bil Corry @bilcorry

13 Oct 2021

.@hardenize is complaining about HSTS being set on port 80. Anyone know why that's a problem?

Hardenize · Oct 13, 2021 · 5:55 PM UTC

Hardenize @hardenize

13 Oct 2021

What’s the report? I don’t imagine it’s a real problem, we’re being pedantic I suppose. — Ivan

Bil Corry · Oct 13, 2021 · 8:25 PM UTC

Bil Corry · Oct 13, 2021 · 8:25 PM UTC

Bil Corry @bilcorry

13 Oct 2021

Replying to @hardenize

Oct 13, 2021 · 8:25 PM UTC

Horst Kevin · Oct 14, 2021 · 7:05 AM UTC

Horst Kevin @HorstKevin8

14 Oct 2021

As the report says, HSTS headers are meant for secure channels (https, port 443) and are ignored on cleartext http.