encrypt.to
encrypt.to copied to clipboard
HTTPS only
There are some security risks with allowing your website to just work on plain HTTP. I recommend you configure encrypt.to that it
- responds to HTTP requests with redirects to https://encrypt.to
- sets the Strict-Transport-Security header, so that the browser will remember to prefer HTTPS
- uses secure cookies
As a benefit, you might be able to work yourself up in bad rating you currently get at https://observatory.mozilla.org/analyze/encrypt.to