HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents are to interact with it using only secure HTTPS connections.

- Stackoverflow.com Wiki

More and more sites are becoming HTTPS-only sites where the HTTP version simply redirects to the secure site. However, that could be a problem if a user does not pay attention to how their browser is connecting. HSTS allows your site to tell the browser never again to try the non-secure variant, and you can also have modern browsers preload your site as secure, meaning that no user would ever attempt an insecure connection. As long as users are using a modern updated browser that is...


Cookies can be removed, edited, and faked. Leveraging the HSTS database as a storage mechanism potentially reduces the possibility that your tracking ID will be deleted.