HSTS (HTTP Strict Transport Security)

Posted on 6th October 2016

HSTS is a security feature and is automatically enabled on the Foldr appliance, it cannot be disabled.  More information on HSTS can be found here.

It is important to understand the implications of HSTS when installing a signed SSL certificate.  Once installed, a user’s web browser will expect all future HTTPS connection from the Foldr URL to use a valid, signed certificate.

In the event of the certificate expiring or being revoked user access will be unavailable until the SSL configuration is restored, or they switch to an alternative web browser.  In this scenario Foldr will always be available as a last resort via the (public or private) IP address.

Need more help?

Get in touch with our friendly help desk who will be happy to assist you, support@foldr.io