The fact this still isn't an option for all plans is insane. These are the kind of issues that are forcing us to consider moving away from webflow. It should be a standard feature - all their competitors can do it....
I spoke with a Webflow representative who indcated that they were aware of the probelm but have no plans to address it. If this is true, that's absolutely ridiculous. I can address this issue at all levels of nearly every other platform out there but Webflow ignores it? Ridiculous!
Seriously, Webflow, this is the most basic default requirement for any website out there these days. 15K / year just to get the HSTS header? Seriously consider to just offer it in the regular plans. - it's about time
I am shocked that WebFlow does not enable HSTS on their shared hosting plans. This is a stunning security failure by WebFlow, leaving their clients' shared hosting plans vulnerable to a common and widely known security attack. Lots of other hosting companies routinely offer HSTS enablement. Why cannot WebFlow?
This isn't a quality of life update, this is literally a crucial and fundamental security feature that you should be utterly ashamed of not already providing. It's a make or break aspect and is forcing us to migrate our clients to different website hosts.
Please add this to ALL plans. This is becoming extremely necessary for our company and we are not a large enough company to justify your enterprise plan. If we can't gain access to this ability, we will be forced to build on another platform. Unfortunate, because Webflow is great, otherwise.
Our clients are neither in need of nor budgetarily able to switch to the Enterprise Plan, and if purchasing it is the only way to prevent them from failing their regular website audits then we are going to be forced to start cancelling our client websites and rebuilding them from scratch in Squarespace.
As we have clients in the banking and education industries, this feature is not only an industry standard but a make-or-break security necessity that is not being marked up or paygated by other major hosting providers.
We have been recommending your platform and using it solely for our web design and development for years, but this is a major enough security issue that we will have to begrudgingly move away from the platform if it can not be remedied
Our clients are neither in need of nor budgetarily able to switch to the Enterprise Plan, and if purchasing it is the only way to prevent them from failing their regular website audits then we are going to be forced to start cancelling our client websites and rebuilding them from scratch in Squarespace.
As we have clients in the banking and education industries, this feature is not only an industry standard but a make-or-break security necessity that is not being marked up or paygated by other major hosting providers.
We have been recommending your platform and using it solely for our web design and development for years, but this is a major enough security issue that we will have to begrudgingly move away from the platform if it can not be remedied
This is a standard security protocol that webflow is gatekeeping in order to force people to pay $15k for an enterprise plan. Due to this, we have clients failing their security audits which is starting to necessitate us moving projects away from this platform due to webflow being unable to meet basic privacy standards that are free with pretty much every other platform.
Security must be a must for all plans, it is an important requirement for many tech companies, please prioritise easy and affordable security options for all plans.
Space Angels
.svg){kind=logo}
The fact this still isn't an option for all plans is insane. These are the kind of issues that are forcing us to consider moving away from webflow. It should be a standard feature - all their competitors can do it....
This should be included in all plans because it's basic security !
Does that mean that Webflow doesn't care about security at all ???
I spoke with a Webflow representative who indcated that they were aware of the probelm but have no plans to address it. If this is true, that's absolutely ridiculous. I can address this issue at all levels of nearly every other platform out there but Webflow ignores it? Ridiculous!
We need this urgently! Please get this feature available for every siteplan.
I'm surprised this is still an issue and not resolved after.... FOUR YEARS?!?
This is a fundamental feature of modern IT security requirements, please implement this as standard.
Seriously, Webflow, this is the most basic default requirement for any website out there these days. 15K / year just to get the HSTS header? Seriously consider to just offer it in the regular plans. - it's about time
I am shocked that WebFlow does not enable HSTS on their shared hosting plans. This is a stunning security failure by WebFlow, leaving their clients' shared hosting plans vulnerable to a common and widely known security attack. Lots of other hosting companies routinely offer HSTS enablement. Why cannot WebFlow?
Please, do it
It's quite strange that security features are only available on the enterprise plan.
There is still no solution for this. It is very necessary for SEO and site ranking.
+1
This isn't a quality of life update, this is literally a crucial and fundamental security feature that you should be utterly ashamed of not already providing. It's a make or break aspect and is forcing us to migrate our clients to different website hosts.
+1
Please add this to ALL plans. This is becoming extremely necessary for our company and we are not a large enough company to justify your enterprise plan. If we can't gain access to this ability, we will be forced to build on another platform. Unfortunate, because Webflow is great, otherwise.
Our clients are neither in need of nor budgetarily able to switch to the Enterprise Plan, and if purchasing it is the only way to prevent them from failing their regular website audits then we are going to be forced to start cancelling our client websites and rebuilding them from scratch in Squarespace.
As we have clients in the banking and education industries, this feature is not only an industry standard but a make-or-break security necessity that is not being marked up or paygated by other major hosting providers.
We have been recommending your platform and using it solely for our web design and development for years, but this is a major enough security issue that we will have to begrudgingly move away from the platform if it can not be remedied
Our clients are neither in need of nor budgetarily able to switch to the Enterprise Plan, and if purchasing it is the only way to prevent them from failing their regular website audits then we are going to be forced to start cancelling our client websites and rebuilding them from scratch in Squarespace.
As we have clients in the banking and education industries, this feature is not only an industry standard but a make-or-break security necessity that is not being marked up or paygated by other major hosting providers.
We have been recommending your platform and using it solely for our web design and development for years, but this is a major enough security issue that we will have to begrudgingly move away from the platform if it can not be remedied
We successfully added HSTS for a client and esured SEO was not affected. Reach out to us at https://littlebigthings.dev
This is a standard security protocol that webflow is gatekeeping in order to force people to pay $15k for an enterprise plan. Due to this, we have clients failing their security audits which is starting to necessitate us moving projects away from this platform due to webflow being unable to meet basic privacy standards that are free with pretty much every other platform.
Security must be a must for all plans, it is an important requirement for many tech companies, please prioritise easy and affordable security options for all plans.