This module inserts an HTTP Strict Transport Security header into your Backdrop
site's pages. For more information regarding HTTP Strict Transport Security, see
This method of header insertion is useful for those who can't change their web
server's configuration to include the HSTS header.
Install this module using the official Backdrop CMS instructions at
Visit the configuration page under Administration > Configuration > Security >
HTTP Strict Transport Security Settings (admin/config/security/hsts) and alter
the default settings as desired.
If your server is behind an SSL terminated proxy, you can set the HSTS headers
to be included on HTTP responses as well. Please be advised, however, that the
HSTS specification states that the STS headers should only be included on
Bugs and Feature requests should be reported in the Issue Queue:
- Jerry Hudgins (https://github.com/jerry-hudgins/)
- Ported to Backdrop CMS by Jerry Hudgins (https://github.com/jerry-hudgins/).
- Originally written for Drupal by Mathew Winstone (https://github.com/minorOffense/).
This project is GPL v2 software. See the LICENSE.txt file in this directory for