https://cncz.science.ru.nl/tags/hsts/ Recent content in Hsts on C&CZ News Hugo -- gohugo.io en-us postmaster Wed, 14 Jan 2026 00:00:00 +0100 https://cncz.science.ru.nl/news/2026-01-15_hsts_ru_nl/ Wed, 14 Jan 2026 00:00:00 +0100 Simon Oosthoek https://cncz.science.ru.nl/news/2026-01-15_hsts_ru_nl/ <h2 id="some-websites-under-sciencerunl-may-be-inaccessible">Some websites under science.ru.nl may be inaccessible</h2> <p>Several users have reported that they can no longer access websites such as <code>http://example.science.ru.nl</code>. Browsers block these connections because the parent domain ru.nl now requires HTTPS, while some websites, often served directly from devices or sensors, do not support encrypted connections.</p> <p>We are working on a general solution and will update this article once it becomes available.</p> <h2 id="background-http-strict-transport-security-hsts">Background: HTTP Strict Transport Security (HSTS)</h2> <p>Modern browsers enforce HTTP Strict Transport Security (HSTS) to prevent unencrypted HTTP access. Domains can opt in by being listed on hstspreload.org. Once listed, all subdomains must use HTTPS, and browsers will block HTTP entirely.</p>