Visualforce, Salesforce sites, or Communities must use HTTPS

Impact area

Security

Severity

Medium

Affected element

Org Config

Rule ID

SF-0168

Impact

Use of unencrypted http protocol can expose confidential data.


Remediation

Enable this setting. From Setup, enter "Session Settings" in the Quick Find box, then select Session Settings. Then enable "Require secure connections (HTTPS)".

Time to fix

30 min

References

This rule is linked to Common Weakness Enumeration CWE-284 Improper Access Control.




Last modified on Oct 13, 2020