Details
Alert Id 10106
Alert Type Active Scan Rule
Status beta
Risk Medium
CWE 311
WASC 4

Summary

The site is only served under HTTP and not HTTPS.

Solution

Configure your web or application server to use SSL (https).

References

Code

org/zaproxy/zap/extension/ascanrulesBeta/HttpOnlySiteScanRule.java