웹취약성 (1) 썸네일형 리스트형 2023년 홈페이지 취약점 점검 문제점 및 핵심사항 해결 방법 Missing HTTP Strict Transport Security (HSTS) Description (됨) The server didn't return a Strict-Transport-Security header as part of its HTTPS response, which should be enabled to prevent Man-in-The-Middle (MiTM) attacks. Solution Set the Strict-Transport-Security header with "max-age=63072000; includeSubDomains" as value and configure your server to redirect HTTP requests to HTTPS. GET / HTTP/1.. 이전 1 다음
