What is HTTP Strict Transport Security? From Wikipedia, the free encyclopedia HTTP Strict Transport Security (HSTS) is a web security policy mechanism that helps to protect websites against protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should interact with it using only secure HTTPS connections,[1] and never via the insecure HTTP […]