Strict Transport Security (STS) Detection

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.

Synopsis :

The remote web server implements Strict Transport Security.

Description :

The remote web server implements Strict Transport Security (STS).
The goal of STS is to make sure that a user does not accidentally
downgrade the security of his or her browser.

All unencrypted HTTP connections are redirected to HTTPS. The browser
is expected to treat all cookies as 'secure' and to close the
connection in the event of potentially insecure situations.
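The plugin's own source is not shown on this page. As an added example (not Tenable's code), the Python sketch below shows how a detection check can evaluate the `Strict-Transport-Security` response header defined in RFC 6797, including the cases in which a browser ignores it. The function names and the 180-day `min_age` threshold are assumptions made for this example.

```python
import re

# Directive = token [ "=" value ]; names are case-insensitive (RFC 6797, 6.1).
_DIRECTIVE = re.compile(r"^([!#$%&'*+\-.^_`|~0-9A-Za-z]+)\s*(?:=\s*(.*))?$")

def parse_sts(value):
    """Parse one STS field value; None means a browser would ignore it.
    Simplification: assumes no ';' inside a quoted-string value."""
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue                      # empty directives are permitted
        m = _DIRECTIVE.match(part)
        if not m:
            return None
        name, arg = m.group(1).lower(), m.group(2)
        if name in seen:
            return None                   # each directive at most once
        if arg is not None:
            arg = arg.strip()
            if len(arg) >= 2 and arg[0] == arg[-1] == '"':
                arg = arg[1:-1]           # quoted form: max-age="31536000"
        seen[name] = arg
    age = seen.get("max-age")
    if age is None or not (age.isascii() and age.isdigit()):
        return None                       # max-age is required, in seconds
    return {"max_age": int(age),
            "include_subdomains": "includesubdomains" in seen}

def assess(scheme, sts_headers, min_age=15552000):
    """Classify a response. min_age (180 days) is an assumed policy
    threshold chosen for this example, not a value from the plugin."""
    if scheme != "https":
        return "ignored"                  # header over plain HTTP has no effect
    if not sts_headers:
        return "absent"
    policy = parse_sts(sts_headers[0])    # only the first header is processed
    if policy is None:
        return "invalid"
    if policy["max_age"] == 0:
        return "disabled"                 # max-age=0 clears the stored policy
    return "enabled" if policy["max_age"] >= min_age else "weak"

if __name__ == "__main__":
    # Constructed sample responses: (scheme, STS header values)
    for s, h in [("https", ["max-age=31536000; includeSubDomains"]),
                 ("https", ['max-age="0"']), ("http", ["max-age=31536000"])]:
        print(s, h, "->", assess(s, h))
```
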

See also :

Solution :


Risk factor :


Family: Service detection

Nessus Plugin ID: 42822

Bugtraq ID:

