Simple Ways to Greatly Increase Website Security

Security
Adding just a few extra headers to your website's response can help improve the overall security of your website. By doing this it will help prevent clickjacking, MIME based, and cross-site scripting attacks. Clickjacking Clickjacking occurs when an attacker is able to load a transparent page over top your website. This allows an unsuspecting user to think they are clicking items and actions on your website but are really interacting with the invisible page. This would allow malicious actions to occur that the user never intended. To help prevent this we can add the following header. # if you need to allow [i]frames, you can use SAMEORIGIN # or even set a uri with ALLOW-FROM uri add_header X-Frame-Options SAMEORIGIN; For additional X-Frame-Options visit - https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options MIME based attacks MIME based…
Read More