This helps to prevent protocol downgrade attacks and cookie hijacking. HSTS stands for HTTP Strict Transport Security, it’s a web security policy mechanism that forces web browsers to interact with websites only via secure HTTPS connections (and never HTTP). In Everything Encryption A quick look at what HSTS is and how to clear it on two of the most popular browsers.