In order to improve the security of your site against ClickJacking, it is recommended that you add the following header to your site: X-Frame-Options: SAMEORIGIN It is supported by all browsers and prevents an attacker from iframing the content of...
In order to improve the security of your site (and your users) against some types of drive-by-downloads, it is recommended that you add the following header to your site: X-Content-Type-Options: nosniff It is supported by IE (Internet Explorer) and...
Most web servers display its version and modules in use by default. Best security practices recommend that you disable this option, since it can be used to find vulnerabilities of your site. The NIST Guide for Securing Web Servers also recommends it...
In order to improve the security of your site (and your users), you should disable the TRACE method from your web server. This method has no real-life usage and can be misused for XST (cross-site tracing) attacks. That is how you can disable it on...
In order to improve the security of your site (and your users), you should enable the HttpOnly flag on all of your cookies. It helps prevent XSS (cross-site scripting attacks) from gaining access to the session cookies via javascript. This is how...
To improve the security of your site against some types of XSS (cross-site scripting) attacks, it is recommended that you add the following header to your site: X-XSS-Protection: 1; mode=block It is supported by IE (Internet Explorer) and Chrome...
One of the most common causes of website compromises and malware attacks are due to outdated and vulnerable software. cPanel is one of the most important pieces of software you have running your site, since it allows you to manage and access the...
One of the most common causes for website compromises and malware attacks are due to outdated (and vulnerable) web software. Every software has bugs, but some of these bugs can lead to security vulnerabilities. As a webmaster, you always have to...