HSTS (HTTP Strict
Transport Security) Test

Check if your site is defending from
cookie hijacking & protocol downgrade attack

Checking for the HSTS header...

Great! HSTS header was found
in the HTTP response headers as highlight below.

Couldn’t find the HSTS header
in the response headers.

Header Value

Header

Value

About HSTS

HSTS (HTTP Strict Transport Security) help to protect from protocol downgrade attack and cookie hijacking.

HSTS is a security policy which can be injected in response header by implementing in web servers, network devices, CDN.

HSTS policy instruct browser to load website content only through a secure connection (HTTPS) for defined duration.

As you can guess, your website must be accessible over HTTPS to take advantage of HSTS. You can refer this guide to implement HSTS in Apache, Nginx, Cloudflare.

Once implemented, you may use this tool verify the HSTS.

Once implemented, you may use this tool verify the HSTS.

Hand-picked best resources to supercharge
your Website and Business

Explore Collections

More tools for your Website

Ping Test

Check if your site or IP can respond to ping globally

Test Now

Traceroute Test

Traceroute your IP or site to find network related issue

Test Now

TLS 1.3 Test

Test supported TLS version on the site

Test Now

TLS Scanner

Check the supported protocol, server preferences, certificate details, common vulnerabilities and more

Test Now

DNSSEC Test

Check if DNS Security Extensions is enabled on your domain

Test Now

TCP Port Scanner

Quickly find out what ports are open on public Internet-facing IP or website

Test Now

Latest Articles