Strict Transport Security (STS) Detection

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.

Synopsis :

The remote web server implements Strict Transport Security.

Description :

The remote web server implements Strict Transport Security (STS).
The goal of STS is to make sure that a user does not accidentally
downgrade the security of his or her browser.

All unencrypted HTTP connections are redirected to HTTPS. The browser
is expected to treat all cookies as 'secure' and to close the
connection in the event of potentially insecure situations.

See also :

Solution :


Risk factor :


Family: Service detection

Nessus Plugin ID: 42822 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now