In order to improve the security of your site (and your users), you should disable the TRACE method from your web server. This method has no real-life usage and can be misused for XST (cross-site tracing) attacks. That is how you can disable it on...
In order to improve the security of your site (and your users), you should enable the HttpOnly flag on all of your cookies. It helps prevent XSS (cross-site scripting attacks) from gaining access to the session cookies via javascript. This is how...
To improve the security of your site against some types of XSS (cross-site scripting) attacks, it is recommended that you add the following header to your site: X-XSS-Protection: 1; mode=block It is supported by IE (Internet Explorer) and Chrome...
One of the most common causes of website compromises and malware attacks are due to outdated and vulnerable software. cPanel is one of the most important pieces of software you have running your site, since it allows you to manage and access the...
What is SSL? An SSL (Secure Sockets Layer) is a certificate on the website that allows for the safe passage of encrypted information from the client to the host server. If your site uses an SSL certificate, it is important to know the status of the...
The "Failed – Network Error" error occurs when the file does not download as expected by the browser, because the file size is different from the one previously specified or something happened to the connection during the download...
Although Apple has announced that iTunes Podcasts are now compatible with Let’s Encrypt SSL, if you continue to face issues such as "Can’t read your feed", you have to upgrade to the Professional or Business plan (if your domain is...
There are a couple reasons why you might see this message. 1) After setting up the domain, it could take up to 20 minutes for all changes to be applied on the Website Firewall clusters. In this case, the **Domain Not Configured** message is...
As explained in "Session Cookies" of the Troubleshoot Cache Issues article, you must set the Cache Level to "Site Caching" and add the following code to your .htaccess file: # BEGIN Prevent Session Cookie Cache <ifModule...
If you are getting: The Jetpack server was unable to communicate with your site [HTTP 406] That usually means your hosting server has mod_security enabled and it is blocking the access. Contact your hosting support and ask them to disable...