Many decisions go into the process of creating a secure website. One of these decisions is selecting which HTTP security headers to implement. Today, we’ll dive into the most important HTTP security headers and the best practices that will strengthen your website’s security. Table of Contents The Security Headers HTTP Strict Transport Security (HSTS) Content-Security-Policy (CSP) X-XSS-Protection X-Frame-Options Referrer-Policy X-Content-Type-Options Permissions-Policy Configuring a Security Header Nginx Apache IIS Firebase Learn More About Security Headers The...

Read more

Working in the security industry and having an insecure site looks super bad. So imagine how I felt after discovering that the security report for my brand new personal site sucked: To fix this, I decided to improve my security score. I’m sharing my findings and solutions here so you can improve your site security too. This is good not only for improving your site security, but also to improve your SEO performance on Google....

Read more