I enabled the SSL/TLS recommender about a month ago on a couple of websites, received emails a few days later and implemented HSTS successfully. For my most popular site, I didn’t receive any recommendation to turn it on.
I am unsure what to do and don’t like to take unnecessary risks. Should I wait? Or is there anything that I can do about it?
The stats show not secure traffic at 0.3% for the last weeks, 8% is TLS v1.2, 92% is TLS v1.3.