HSTS is becoming standard requirement for many IT Security departments. The inability to enable HSTS on a Webflow site makes it tough to use Webflow.
This is needed, my IT department wants me to move our websites because Webflow cannot do this.
Need this basic and must to have security headers as early as possible
What is the status of this—let's not call it a feature since it is most definitiely a requirement?
SEO must have. Security feature compulsory to continue with Webflow. Our biggest problem with Webflow right now!
Mega up vote, need this for my clients. Could be a deal breaker
Wordpress and even SquareSpace EASILY allow HSTS. On SquareSpace, you just click a button to engage and it's done. This request has been on WebFlow's radar for ... looks like a year or longer.
Come on guys - this is a basic nowadays.
Totally necessary. This is now considered in all basic automatic security checks. Can't live without it.
@webflow team - is this being progressed ?
Please add this feature! We need it as well!
This is a requirement for good SEO as well, and we're putting our SEO clients on Webflow more and more. Please add this feature!
Ran some security checkups on my clients project and got the same result "D" as in poor Strict Transport Security.
I'd think that putting effort to cybersecurity would be a benefit for Webflow too as not all site builder offers it so you'd gain a market leap with that? Maybe? Just saying.
We've also just had a client asking about this regarding a security report telling them the site has a security concern and requires an HSTS header to ensure browsers only communicate over HTTPS. Seems to me that this is a bit of a biggie to get on top of.
I’m losing clients who want to use Webflow but who are running SecurityScorecard reports which mandates HTTP Strict Transport Security (HSTS).They are Webflow fans and would love an excuse not to worry about the need to add HSTS headers to their site. Would love to see Webflow move to an HTTPS-only model, with HSTS headers on by default.
I am running into this issue as well is SEM Rush. Any word on when this will be a feature on webflow?
Please consider this ticket as HIGH VALUE and LOW COMPLEXITY. All we need is a configuration to "Force HSTS". I would be willing to sponsor the development on this ticket.
Forcing HSTS is mandatory for our SEO. Please fix. This is fundamental and a baseline expectation from a marketing site persspective.
Please allow a setting for "Force HSTS".
The absence is a problem from SEO perspective
This is an issue we're running into. I'm sure this isn't an easy fix but it would really be helpful.
You won't be notified about changes to this idea.