Skip to content

Commit d56fc82

Browse files
NetBenderNetBender
committed
Fixed typo
1 parent 9953de4 commit d56fc82

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Evaluator/Mitigations/HSTS_not_set.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
<ExtendedName>HSTS not set</ExtendedName>
44
<Description>Without the HSTS header, an attacker can use the SSL stripping attack to redirect all the HTTPS connection to their unsecure counterparts. By doing this, all the messages are sent in plaintext and can thus be manipulated.</Description>
55
<Mitigation>
6-
<Textual>Enable the HSTS header transmission within the webservers' settings</Textual>
6+
<Textual>Enable the HSTS header transmission within the webserver's settings</Textual>
77
<Snippet>
88
<Apache>1. open your Apache configuration file (default: */etc/apache2/sites-available/default-ssl.conf*);
99
2. add the line `Header always set Strict-Transport-Security "max-age=31536000"`.

0 commit comments

Comments
 (0)