Title: HSTS Last modified: August 31, 2016 --- # HSTS * Resolved [Amir](https://wordpress.org/support/users/repenter/) * (@repenter) * [10 years, 2 months ago](https://wordpress.org/support/topic/hsts/) * Hi 🙂 I am using your plugin and I have a question about HSTS. I have read about it in faq. But what is the general benefit of this option? and when should we use it? * Thanks * [https://wordpress.org/plugins/really-simple-ssl/](https://wordpress.org/plugins/really-simple-ssl/) Viewing 6 replies - 1 through 6 (of 6 total) * Plugin Contributor [Rogier Lankhorst](https://wordpress.org/support/users/rogierlankhorst/) * (@rogierlankhorst) * [10 years, 2 months ago](https://wordpress.org/support/topic/hsts/#post-7237387) * HSTS forces all your visitors to view your site over SSL, and makes their browser remember it for a year afterwards. * So it makes your site more secure, and makes it harder to do a man in the middle attack. * If you want to keep the option open to revert back to http, don’t enable it, in all other case I would enable it. * Hope this helps! * Rogier * Thread Starter [Amir](https://wordpress.org/support/users/repenter/) * (@repenter) * [10 years, 2 months ago](https://wordpress.org/support/topic/hsts/#post-7237466) * Hey Rogier Sorry, I got another problem. Few days ago my developer installed this on my website and from that time gtmetrix and gwt can not open my site. * My website has not been optimized yet, but at least I could open it in gtmetrix and gwt, before. * My webhosting told me this: Instead of changing in htaccesss, change the http to https inside the wordpress. The .htaccess method is adding load time to your site. * So is this correct? Did you have similar issue in the past? * Thanks * Thread Starter [Amir](https://wordpress.org/support/users/repenter/) * (@repenter) * [10 years, 2 months ago](https://wordpress.org/support/topic/hsts/#post-7237473) * He also added: we would suggest not forcing this redirect via .htaccess as WordPress has its own rewrite engine, using .htaccess adds load time to your page. * Do you agree with this? Can you guide me a bit? * Plugin Contributor [Rogier Lankhorst](https://wordpress.org/support/users/rogierlankhorst/) * (@rogierlankhorst) * [10 years, 2 months ago](https://wordpress.org/support/topic/hsts/#post-7237495) * Hi Amir, * In the siteurl as well as the homeurl the http is automatically changed to https when you activate Really Simple SSL. * You can always remove the .htaccess redirects, and enable “stop editing the . htaccess” in the plugin settings. Then you can check if that helps. But in my experience a .htaccess redirect is very fast. Besides, it only kicks in when a user requests the site on http. * Without the .htaccess the website is in some cases accessible over http, which is less secure. * Hope this helps. * Rogier * Thread Starter [Amir](https://wordpress.org/support/users/repenter/) * (@repenter) * [10 years, 2 months ago](https://wordpress.org/support/topic/hsts/#post-7237560) * Hi Rogier Sorry to bring this up again. I used this tutorial for switching to https: [https://www.keycdn.com/blog/http-to-https/](https://www.keycdn.com/blog/http-to-https/) * So in my htaccess I entered this code: * RewriteCond %{HTTPS} off RewriteRule (.*) [https://%](https://%){HTTP_HOST}%{ REQUEST_URI} [R=301,L] * And I noticed it’s similar to your plugin’s code: * RewriteCond %{HTTPS} !=on [NC] RewriteRule ^(.*)$ [https://%](https://%){HTTP_HOST}%{ REQUEST_URI} [R=301,L] * I want to be sure are these equal? I can remove the other code? * Thanks * Plugin Contributor [Rogier Lankhorst](https://wordpress.org/support/users/rogierlankhorst/) * (@rogierlankhorst) * [10 years, 2 months ago](https://wordpress.org/support/topic/hsts/#post-7237561) * The effect of both lines of code is the same, so you can choose which one you like best 🙂 Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘HSTS’ is closed to new replies. * ![](https://ps.w.org/really-simple-ssl/assets/icon-256x256.png?rev=2839720) * [Really Simple Security - Simple and Performant Security (formerly Really Simple SSL)](https://wordpress.org/plugins/really-simple-ssl/) * [Frequently Asked Questions](https://wordpress.org/plugins/really-simple-ssl/#faq) * [Support Threads](https://wordpress.org/support/plugin/really-simple-ssl/) * [Active Topics](https://wordpress.org/support/plugin/really-simple-ssl/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/really-simple-ssl/unresolved/) * [Reviews](https://wordpress.org/support/plugin/really-simple-ssl/reviews/) * 6 replies * 2 participants * Last reply from: [Rogier Lankhorst](https://wordpress.org/support/users/rogierlankhorst/) * Last activity: [10 years, 2 months ago](https://wordpress.org/support/topic/hsts/#post-7237561) * Status: resolved