What is HSTS, and what is the HSTS list?

PublishedFebruary 3, 2021

•1 min read

What is HSTS, and what is the HSTS list?

I am a Site Reliability Engineer with nearly 5 years of experience. I talk about Linux, Automation, Networking, and anything else related to tech and CS.

HSTS stands for HTTP Strict Transport Security. When the browser finds the HSTS header in the server response, the HSTS basically asks the browser to access the website using HTTPS on port 443. And any future attempts to access the website should be made via HTTPS.

The HSTS Preload list is a centralized list maintained by Google, of which every browser usually maintains a local copy that is regularly updated. The websites need to submit to Google to get added to the HSTS preload list. The recommended max-age is two years if the preload directive is also being used.

HSTS is particularly important as it forces HTTPS. It also helps save clients from MITM attacks. There are still scenarios when HSTS fails to protect from MITM, but to avoid that, don't connect to WIFIs you don't know or trust.

#networking #site-reliability-engineering

15 views

More from this blog

How do you decide when something is ready for production?

When an SRE team is taking service to production, they take over the responsibility of managing the service and would like to clarify all operational aspects to ease the journey. In my opinion, different organizations might choose to involve the SRE ...

Apr 11, 20222 min read85

How do you decide when something is ready for production?

What happens when you type www.google.com? (considering nothing is cached)

Ever wondered how the browser fetches a website from the internet? With over 40 years of development, there are so many things happening in the backdrop that it might totally sound overwhelming. But here's a step-by-step description of the phases tha...

Feb 8, 20226 min read78

What happens when you type www.google.com? (considering nothing is cached)

What is BGP?

How does it work? Why is it used?

May 3, 20212 min read26

What is a StatefulSet?

A stateful set is a Kubernetes object that manages a set of pods that need to maintain persistent storage. The StatefulSet ensures that each pod in the set has a unique identity and that the pods are always started in the same order. A StatefulSet i...

Apr 15, 20212 min read19

How do you ensure that a pod runs on each node?

In Kubernetes, a Daemonset is a type of controller that ensures that a specific pod is running on all (or a subset of) nodes in a cluster. Daemonsets are typically used for running system-level services like logging agents, monitoring agents, or othe...

Apr 8, 20212 min read22

How do you ensure that a pod runs on each node?

Rohan Purekar | Site Reliability Engineer

10 posts

I am a passionate Site Reliability Engineer, and I write about the stuff that I do. If Linux, Networking, Automation, etc., arouse your curiosity, I am hoping to see you again on this website.

Command Palette

More from this blog