How to Check if a Web Page Supports or Uses HSTS (http strict transport security)

Among those who move in the world of the Internet and the creation of websites, know check if a web page supports or uses HSTS (http strict transport security) is usually helpful.

These security policies are present in many recognized web pages, but if you have doubts about it, it is best to first know what HSTS is about.

What is HSTS?

While in home connections we have WEP, WPA, WPA2 and WPA3 WiFi security, in websites it is HSTS. HSTS refers to a policy specifically designed for website security. The principle of this is create a defensive barrier for the purpose of avoiding fraudulent attacks. The objective is that communications, cookies and other factors are impenetrable.

The operation of HSTS is somewhat complicated, however, in short, when the security of the connection is compromised an error message appears. This error message makes it impossible to access the website.

hsts websites

Undoubtedly, this system has proven to be efficient in preventing some attacks that were common in the past, such as those that seek to track a computer through its IP address and that greatly compromised security measure of the users. Given this, a website with HSTS security has a defensive barrier that others do not have.

However, how do we know if a website supports HSTS? The truth is that there are various ways to check if a website supports HSTS. In this case, it is best to use certain platforms or web applications that will work for that purpose.

Check if the web page supports HSTS with hstspreload

Possibly the easiest way to check if a web page supports the HSTS protocol is by using the web site hstspreload. This site has a very simple operation, in fact, we only have to provide that website that we need to check. Anyway, if you have doubts (understanding that the website is in English). Please read the following information carefully.

  • Just go to the hstspreload website, once here you will see a space for text (just below “Enter a domain”). In this space write the website you want from do the check.
  • After having correctly entered said website, simply click on the button “Check HSTS preload status and eligibility”. By doing the above, the result will be displayed.
  • If Status: “your website” is currently preloaded appears, it means that this owns HSTS. On the other hand, if the result Status: “your website” is not preloaded is displayed, it means that the page does not support HSTS.

check if site has hsts

In addition to the above, seeing the SSL certificate in the Google Chrome browser helps to check the operation of other protocols, something that is advisable to know if you have questions about a website.

What is the use of checking that a website supports HSTS?

Not all websites support HSTS, for this reason the concern arises as to what is the purpose of HSTS. As noted earlier, HSTS refers to a security policy, through which it seeks to protect users from cyber attacks.

Given this, the main reason why it is relevant that a website supports HSTS is because in general terms it is safer for users. In any case, there is no need to be alarmed if a website does not have this feature.

In fact, mainly large websites, such as Facebook, are the ones that have this protocol. Less reach pages usually do not have HSTS And this does not mean that they are dangerous places.

How useful did you find this content?

Click on a star to rate!

Average score 0 / 5. Counting of votes: 0

So far, no votes. Be the first to rate this content.

I'm sorry this content was not useful for you!

Let me improve this content!

Tell me, how can I improve this content?

Deja un comentario