Hardening your website security headers


HTTP security headers add further layers of protection on top of an SSL certificate, reducing your website’s susceptibility to attacks and violations.

  • HTTP Strict Transport Security (HSTS) ensures that insecure HTTP connections aren’t allowed.
  • Content Security Policy helps prevent code injection attacks by defining approved content sources.
  • X-Content-Type-Options reduces drive-by downloads.
  • X-XSS-Protection ensures the cross-site scripting (XSS) filter is enabled.
  • X-Frame-Options prevents clickjacking by restricting the display of your pages in iframes.
  • Expect-CT verifies certificate transparency.
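
A quick way to see which of the headers listed above a response is missing or sets weakly; this is an added example, not code from the original page. The function names, the 180-day HSTS threshold and the sample headers are assumptions constructed for illustration.

```python
import re

MIN_HSTS_AGE = 15552000  # assumed policy threshold (180 days), not from the page

def _max_age(value):
    # Seconds from a max-age directive, or -1 when the directive is absent.
    m = re.search(r'max-age\s*=\s*"?(\d+)', value, re.I)
    return int(m.group(1)) if m else -1

def _csp_ok(value):
    # Parse "directive src src; ..." (first occurrence of a directive wins).
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), [t.lower() for t in tokens[1:]])
    sources = policy.get("script-src", policy.get("default-src"))
    if sources is None:
        return False
    # CSP Level 2+ browsers ignore 'unsafe-inline' when a nonce or hash is present.
    strict = any(s.startswith(("'nonce-", "'sha")) for s in sources)
    return not any(s == "*" or (s == "'unsafe-inline'" and not strict) for s in sources)

# Lower-cased header name -> (acceptance predicate, finding reported on failure).
CHECKS = {
    "strict-transport-security": (lambda v: _max_age(v) >= MIN_HSTS_AGE, "max-age missing or too short"),
    "content-security-policy": (_csp_ok, "scripts unrestricted, or allow * or 'unsafe-inline'"),
    "x-content-type-options": (lambda v: v.strip().lower() == "nosniff", "value is not nosniff"),
    "x-xss-protection": (lambda v: v.strip().startswith("1"), "filter is not enabled"),
    "x-frame-options": (lambda v: v.strip().upper() in ("DENY", "SAMEORIGIN"), "not DENY or SAMEORIGIN"),
    "expect-ct": (lambda v: _max_age(v) >= 0, "max-age missing"),
}

def audit_headers(headers):
    """Return {header: finding} for each listed header that is missing or weak."""
    seen = {name.lower(): value for name, value in headers.items()}
    findings = {}
    for name, (ok, finding) in CHECKS.items():
        if name not in seen or not ok(seen[name]):
            findings[name] = finding if name in seen else "missing"
    return findings

# Constructed sample response headers, not captured from a real site.
SAMPLE = {
    "Strict-Transport-Security": "max-age=3600",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "ALLOWALL",
}
```

Calling `audit_headers(SAMPLE)` returns a finding for every listed header except X-Content-Type-Options; pass it the header dictionary from your own site's response to audit that instead.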

We recommend hardening your HTTP security headers. Have a chat with Creative Passion about regular maintenance to protect your site against such vulnerabilities.