Wednesday, February 15, 2017

HTTP Security Headers

The HTTP protocol offers a lot of features to improve the security of your web app. If you have no clue what XSS, CSP, HSTS, HPKP,… means, than the following blog post is a must read: https://blog.appcanary.com/2017/http-security-headers.html

It walks through a whole list of security headers explaining the use case, reasons (not) to use it, and how to activate it on your HTTP server.

No comments: