Yugesh Naid

Yugesh Naid

  • NA
  • 12
  • 10.2k

My ASP.NET Web application did not make use of the HTTP Stri

Jul 3 2017 3:23 PM

Hi

My ASP.NET Web application did not make use of the HTTP Strict Transport Security (HSTS) mechanism.

This could potentially expose users to Man in the Middle (MitM) attacks.

When a web application uses HSTS, it specifies that users must connect using HTTPS and that communication should cease if there are any errors in the certificate chain.

In this way, users are prevented from clicking through certificate errors or accessing the application over a compromised channel.

How to implement HSTS

How Can I Prevent exposing users to Man in the Middle (MitM) attacks?


Answers (2)