Security Headers

Revision as of 16:42, 19 June 2024 by Qljca

Add the following to .htaccess

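# Requires mod_headers. HSTS: browsers use HTTPS only for this host and its subdomains for one year.
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
# Pages may be framed only by pages from the same origin.
Header always set X-Frame-Options "SAMEORIGIN"
# Browsers must not MIME-sniff responses away from the declared Content-Type.
Header always set X-Content-Type-Options "nosniff"
# The Referer header is sent on same-origin requests only.
Header always set Referrer-Policy "same-origin"
# Empty value: no browser feature is restricted until directives are listed here.
Header always set Permissions-Policy ""
# Scripts load from this origin only, but 'unsafe-inline' still permits inline scripts.
Header always set Content-Security-Policy "script-src 'self' 'unsafe-inline';"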
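
To confirm the headers configured above actually reach clients, and to see which of the values are weak, a captured response header block can be audited. This is an added example, not part of the original wiki page; the function names and the sample response are assumptions constructed for illustration.

```python
# Added example, not from the wiki page. SAMPLE is a constructed response.
SAMPLE = """HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Permissions-Policy:
Content-Security-Policy: script-src 'self' 'unsafe-inline';
"""
# Lowercased values from the .htaccess; None means checked structurally below.
EXPECTED = {"strict-transport-security": None, "x-frame-options": "sameorigin",
            "x-content-type-options": "nosniff", "referrer-policy": "same-origin",
            "permissions-policy": None, "content-security-policy": None}

def parse_headers(raw):
    """Lowercase header name -> value; stops at the blank line ending the block."""
    headers = {}
    for line in raw.splitlines()[1:]:  # [1:] skips the status line
        if not line.strip():
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def parse_csp(value):
    """CSP value -> {directive: [sources]}; the first duplicate directive wins."""
    parts = [p.split() for p in value.split(";")]
    return {p[0].lower(): p[1:] for p in reversed(parts) if p}

def audit(raw):
    """Return findings for one response compared with the .htaccess settings."""
    h = parse_headers(raw)
    findings = [f"missing: {n}" for n in EXPECTED if n not in h]
    if "strict-transport-security" in h:
        hsts = dict(p.strip().lower().partition("=")[::2]
                    for p in h["strict-transport-security"].split(";"))
        age = hsts.get("max-age", "")
        if not age.isdigit() or int(age) < 31536000 or "includesubdomains" not in hsts:
            findings.append("weak: HSTS below max-age=31536000; includeSubDomains")
    for name, want in EXPECTED.items():
        if want and name in h and h[name].lower() != want:
            findings.append(f"differs: {name}: {h[name]}")
    if h.get("permissions-policy") == "":
        findings.append("weak: Permissions-Policy is empty, no feature is restricted")
    csp = parse_csp(h.get("content-security-policy", ""))
    if "'unsafe-inline'" in csp.get("script-src", []):
        findings.append("weak: CSP script-src allows 'unsafe-inline'")
    if "content-security-policy" in h and "default-src" not in csp:
        findings.append("weak: CSP has no default-src, other resource types unrestricted")
    return findings
```

Feed `audit()` the output of a header-only request against your own site; an empty list means every header is present and none of the weak values remain.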