NIS 2 Art. 21.2(g)

Cryptography and encryption

UnveilScan findings mapped to this control

The scanner emits 1 distinct finding on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

web.http_no_https_redirect ⏱ 15 min

WEB — Http no https redirect

Risk if ignored: Every first visit over http:// is a plaintext page hand-off. SSLStrip / active on-path attackers downgrade the user silently; cookies set during that visit are exposed. HSTS only helps from the SECOND visit onward.

security

Also maps to 4 other controls

ANSSI Reco-TLS R3 — Activer HTTPS et la redirection systématique
GDPR Art. 32 — Security of processing
ISO 27001:2022 A.8.20 — Networks security
PCI-DSS 4.0 4.2.1 — Strong cryptography for transmissions over public networks