Description | This article describes how to enable the HSTS preload header in FortiWeb and domain HSTS preloading list submission. |
Scope | FortiWeb. |
Solution |
Prerequisite:
HSTS (HTTP Strict Transport Security) is a header that enforces the web browsers to connect to the domain/subdomain websites using HTTPS secure connection only. The HSTS 'preload' option is the additional variable added to the HSTS header, to add the domain into Chrome’s preload list. The HSTS preload list is hardcoded into Chrome as the list of websites that are connecting using HTTPS-secured connection only.
Related document: Configuring an HTTP server policy |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.