1. 29

    1. 4

      Yay, my personal blog and amazon have the same grade. :P

      1. 3

        Haha - me too.

        1. 2

          Until GitHub offer HTTPS (somehow - not even sure if it’s possible with their architecture of the otherwise brilliant GitHub Pages), my blog will be a big fat F. :-)

          1. 3

            Mine supports https and it’s still an F (15/100)! :(

          2. 1

            My blog is hosted on AWS S3+Cloudfront and is in a similar boat. Unfortunately, S3 doesn’t let you set most custom headers like Strict-Transport-Security.

        2. 3

          It really helped to push me to really fix things that I knew were semi “broken” to get this A+! In addition also found that the redirect from HTTP to HTTPS was broken, which I didn’t really see because of the browser’s caching the HSTS. Oops! :)