If you need to prevent SSLstrip attack, I would recommend enabling HSTS. In this link, you can see that
Implement HSTS policy – A Strict policy under which browser won’t open a page unless the site has HTTPS.
1.4m articles
1.4m replys
5 comments
56.9k users