Among those who move in the world of the Internet and the creation of websites, knowing how to check if a Web page supports or uses HSTS (http strict transport security) is usually useful.
These security policies are present on many recognized web pages, but if you have doubts about it, it is best to first know what HSTS is about.
What is HSTS?
While in home connections we have WEP, WPA, WPA2 and WPA3 WiFi security , in websites it is HSTS. HSTS refers to a policy specifically designed for website security. The principle of this is to create a defensive barrier in order to prevent fraudulent attacks. The objective is that communications, cookies and other factors are impenetrable.
The operation of HSTS is somewhat complicated, however, in short, when the security of the connection is compromised an error message appears . This error message makes it impossible to access the website.
Undoubtedly, this system has proven to be efficient in preventing some attacks that were common in the past, such as those that seek to track a computer through its IP address and that greatly compromised the security of users. Given this, a website with HSTS security has a defensive barrier that others do not have.
However, how do we know if a website supports HSTS? The truth is that there are several ways to check if a website supports HSTS . In this case, it is best to use certain platforms or web applications that will work for that purpose.
Check if the web page supports HSTS with hstspreload
Possibly the easiest way to check if a web page supports the HSTS protocol is by using the hstspreload web site . This site has a very simple operation, in fact, we only have to provide that website that we need to check. Anyway, if you have doubts (understanding that the website is in English). Please read the following information carefully.
- Just go to the hstspreload website , once here you will see a space for text (just below “Enter a domain”). In this space write the website you want to check.
- After having correctly entered said website, simply click on the button “Check HSTS preload status and eligibility” . By doing the above, the result will be displayed.
- If Status appears: “your website” is currently preloaded, it means that it has HSTS . On the other hand, if the result Status: “your website” is not preloaded is displayed, it means that the page does not support HSTS.
In addition to the above, seeing the SSL certificate in the Google Chrome browser helps to check the operation of other protocols, something that is advisable to know if you have questions about a website.
What is the use of checking that a website supports HSTS?
Not all websites support HSTS, for this reason the concern arises as to what is the purpose of HSTS. As we pointed out before, HSTS refers to a security policy , through which it seeks to protect users from cyber attacks.
Given this, the main reason why it is relevant that a website supports HSTS is because in general terms it is more secure for users . In any case, there is no need to be alarmed if a website does not have this feature.
In fact, mainly large websites, such as Facebook, are the ones that have this protocol. Lesser reach pages usually do not have HSTS and therefore does not mean that they are dangerous places.
