HSTS (HTTP Strict Transport Security) tells browsers to only connect via HTTPS, preventing SSL stripping attacks. It should be enabled on all HTTPS websites with a max-age of at least 31536000 (one year).

Free SSL/TLS Checker

Verify your SSL certificate, check TLS versions and cipher suites, detect Heartbleed, POODLE, and other vulnerabilities.

https://

Analyzing SSL/TLS for ...

Daily scan limit reached

Redirecting to report...

Frequently Asked Questions

What does an SSL checker do? +

An SSL checker verifies your website's SSL/TLS certificate validity, expiration date, certificate chain, supported TLS versions, cipher suites, and checks for known vulnerabilities like Heartbleed and POODLE.

What TLS version should I use? +

You should use TLS 1.2 or TLS 1.3. TLS 1.0 and 1.1 are deprecated and have known security vulnerabilities. TLS 1.3 is the most secure and fastest version, supporting only strong cipher suites.

What is HSTS and why does it matter? +

HSTS (HTTP Strict Transport Security) tells browsers to only connect via HTTPS, preventing SSL stripping and downgrade attacks. Set the max-age to at least 31536000 (one year) and include the includeSubDomains directive.

How often should I check my SSL certificate? +

Check at least monthly, or set up automated monitoring. Let's Encrypt certificates expire after 90 days. Expired certificates cause browser warnings and erode user trust.