logo

HTTP Only Site

  • Risk:
  • Medium

  • Type:
  • Active
Summary

The site is only served under HTTP and not HTTPS.

Solution

Configure your web or application server to use SSL (https).

Other info
There was no automatic redirection. ZAP attempted to connect via: https://example.com
References

https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html

https://letsencrypt.org/

Free security scan for your website