HSTS (HTTP Strict Transport Security)
Definition
HSTS is a response header that tells browsers to use HTTPS only for a host, blocking insecure HTTP access after the first secure visit.
By Vinespire Editorial Team, Editorial ·
This term is part of the full AI search glossary.
Full definition
The Strict-Transport-Security header includes a max-age and may set includeSubDomains or preload eligibility. Once recorded, browsers skip cleartext requests, reducing SSL-stripping and mixed-content risk.
HSTS does not redirect crawlers by itself; sites still need proper HTTPS canonicals and server redirects from HTTP. Misconfigured HSTS on the wrong host can lock users out until max-age expires.
Secure, consistent HTTPS URLs simplify canonical signals and trust for users who open AI citations. See Canonical URL, CDN Caching, and Content Security Policy.
Example
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload