# HTTPS Pages without HSTS HTTPS pages which include a Strict-Transport-Security HSTS header in the HTTP response headers **Priority**: Low **Impact**: Negative ## What issues it may cause If any pages are being served on the HTTP protocol without a redirect, users will be able to access them on the HTTP protocol resulting in a poorer user-experience. This may result in a higher bounce/exit rate reducing conversions. ## How do you fix it A Strict-Transport-Security HSTS header should be included the response headers on all HTTPS URLs. ## What is the positive impact Users who have interacted with an HTTPS page that contains an HSTS header will be automatically redirected in the browser from any HTTP URLs on the same domain to the HTTPS equivalent, resulting in fewer pageviews of HTTP URLs, and a more secure experience. Users will not see any further pages as insecure, resulting in an improved user-experience and a lower rate of bounce back to search results. This may positively impact the rankings and increase traffic. ## How to fetch the data for this report template You will need to run a crawl for report template to generate report. When report has been generated and you have crawl id you can fetch data for the report using the following query: ```graphql query GetReportStatForCrawl( $crawlId: ObjectID! $reportTemplateCode: String! $after: String ) { getReportStat( input: {crawlId: $crawlId, reportTemplateCode: $reportTemplateCode} ) { crawlUrls(after: $after, reportType: Basic) { nodes { pageTitle url foundAtUrl deeprank level hsts https redirectedToUrl foundInGoogleAnalytics foundInGoogleSearchConsole foundInBacklinks foundInList foundInLogSummary foundInWebCrawl foundInSitemap } totalCount pageInfo { endCursor hasNextPage } } } } ``` **Variables:** ```json {"crawlId":"TjAwNUNyYXdsNDAwMA","reportTemplateCode":"https_pages_without_hsts"} ```