HTTP Strict Transport Security (HSTS) protects against HTTP downgrade attacks by forcing browsers to only make secure connections with your domain. Adding NGINX HSTS is similar to and designed to work with SSL redirects. The HSTS header embeds the redirect code within the user’s web browser. The security HTTP header is supported by the most Read More >
Search Results for: HSTS
Add HSTS in Zenphoto
The HTTP Strict Transport Security (HSTS) HTTP header ensures web browsers always load your image gallery with HTTPS. After you force SSL usage, follow below to add HSTS in Zenphoto. Warning: Once enabled, HSTS disallows the user from overriding an invalid or self-signed certificate message. Your website will be inaccessible without a valid SSL. Add Read More >
Add HSTS in Drupal 8 with the Security Kit Module
Adding HSTS (HTTP Strict Transport Security) in Drupal 8 forces web browsers to only load your website with a valid SSL certificate. This improves Drupal security against downgrade attacks and similar man-in-the-middle (MITM) attacks. HSTS is similar to a HTTP to HTTPS redirect but within the browser. Below we’ll cover how to install the Security Read More >
Enable HSTS in Cloudflare for Stronger SSL Security
Whether you’re using shared or VPS hosting services to create a website, it’s important to have a SSL certificate for added security. But it is not enough to install a domain validated SSL. You need to ensure your web server only serves website requests with an encrypted connection. This is accomplished with a 301 redirect Read More >
Force HSTS using .htaccess
HSTS (HTTP Strict Transport Security) protects users from cookie hijacking and protocol downgrade attacks by forcing browsers to request HTTPS pages from your domain. HSTS is similar to a 301 redirect from HTTP to HTTPS but at the browser level. There may be a specific HSTS configuration appropriate for your website. The following are less Read More >
10 Tips to Improve Magento Security
It is important to stay on top of Magento security practices to protect your website and customer data against cyber intrusions. Below we’ll cover some tips for hardening your Magento website and web server. Initial Setup Create an Unique Admin Panel URL Install an SSL Certificate Hardening Magento Security Magento Security Extensions and Backups Magento Read More >
Drupal 9
Drupal 9 Education Channel Drupal 9 is a great content management system for those wanting a powerful and secure website. Follow the articles below to learn more about using the free, open-source website builder. Getting Started with Drupal 9 Here’s a short list of tasks you’ll need to know when building a new Drupal 9 Read More >
Force HTTPS on Joomla 4
One of the first things you should do when you install a new website is install an SSL certificate, free or paid, to encrypt traffic. Then, you must force HTTPS on Joomla 4 traffic. Neither are difficult tasks to complete and both instantly secure Joomla for you and your visitors. cPanel server hosting includes AutoSSL, Read More >
Joomla 4 Security HTTP Headers
Learning how to secure Joomla 4 is easier than ever before. With the pre-installed HTTP Headers Joomla plugin, you can add up to ten security HTTP headers to protect your data against next-generation cyber attacks. How to Secure Joomla 4 with HTTP Headers Log into your Joomla 4 administrator dashboard (e.g. https://example.com/administrator). Select System from Read More >
Improve ownCloud Server Security
How secure is ownCloud? As with most stable software, the answer depends on how well you protect your instance against ownCloud security issues. There are many ownCloud vulnerabilities listed in the National Vulnerability Database (NVD). Fortunately, there are many countermeasures you can implement to protect your ownCloud server from these and server level cyber intrusions. Read More >