all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

HSTS vs HTTP 301 redirect

Add to bookmarks
May 27, 2022, noon | /u/foxtrot90210

cybersecurity www.reddit.com

To my understanding they do the same thing but work differently, please correct me if I am wrong.

`HSTS` \- user visits http://www.mysite.com, the website will automatically force the user to go to [https://www.mysite.com](https://www.mysite.com). The user never sees the unsecure http version.

​

`301 redirect` \- user visits [https://www.mysite.com](https://www.mysite.com). They ***DO*** establish a connection to the unsecured site, but then redirected to [https://www.mysite.com](https://www.mysite.com).

​

301 redirect is good, but for that split second a MITM attack can happen correct?

cybersecurity hsts http vs

Visit resource

More from www.reddit.com / cybersecurity

China hacked Ministry of Defence, Sky News learns an hour ago | www.reddit.com
china cybersecurity defence hacked +2
Apple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should Know 6 hours ago | www.reddit.com
apple cybersecurity iphone problem +1
Thoughts on forcing users to see aliases instead of emails in Microsoft? 7 hours ago | www.reddit.com
address alias cybersecurity email +7
Change Healthcare cyberattack: 5 technical takeaways from UnitedHealth CEO’s testimony 7 hours ago | www.reddit.com
ceo change change healthcare cyberattack +6
Is it worth it? What would you do? 7 hours ago | www.reddit.com
application course cybersec cybersecurity +3
20 Security Issues Found in Xiaomi Devices 8 hours ago | www.reddit.com
cybersecurity devices found security +2
Tinyproxy HTTP Connection Headers use-after-free vulnerability 8 hours ago | www.reddit.com
cybersecurity free headers http +3
PaloAlto GlobalProtect VPN installer inside official Asus server bios zip archive 9 hours ago | www.reddit.com
archive cybersecurity doubt download +7
Lockbit's seized site comes alive to tease new police announcements 9 hours ago | www.reddit.com
announcements cybersecurity lockbit police +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Privacy Engineer, Implementation Review

@ Meta | Menlo Park, CA | Seattle, WA
View on infosec-jobs.com

Cybersecurity Specialist (Security Engineering)

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com

SOC Analyst

@ Rubrik | Palo Alto
View on infosec-jobs.com

Consultant Tech Advisory H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com
View more jobs