HSTS – HTTP Strict Transport

If your SSL environment is using HSTS (HTTP Strict Transport) with a max age usually six months to a year. HSTS automatically redirects HTTP requests to HTTPS for the target domain for a lengthy period of time. HSTS supported browsers store this max age data. One way to bypass this is by setting the HTTP Strict Transport max age to 0 (Zero). By setting this max age to 0 this will allow a site to switch between both HTTPS and HTTP pages without the possibility of being stuck in HTTPS or a redirect loop. Read More