HTTP Only Site
- Risk:
Medium
- Type:
- Active
- CWE:
- CWE-311
- Summary
The site is only served under HTTP and not HTTPS.
- Solution
Configure your web or application server to use SSL (https).
- Other info
- There was no automatic redirection. ZAP attempted to connect via: https://example.com
Free security scan for your website