When I submit https://myWordPressSite.com to security headers checker it returns an A+.
But when I submit http://myWordPressSite.com It returns an F.
I have configured nginx to redirect http traffic to the https address.
Does the above represent a security vulnerability nonetheless?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi there,
As long as you have a 301 redirect for HTTP to HTTPS it should be ok.
You can test your redirect with curl, for example:
curl -IL http://yourdomain.com
Feel free to share the output here!
Best,
Bobby
Hi @smallnavyboat,
That should be alright then. Since you have a redirection from HTTP to HTTPS you shouldn’t be worried by the F on your HTTP side.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.