Chat
888.321.HOST(4678)
Support CenterThe HTTP Strict Transport Security (HSTS) HTTP header ensures web browsers always load your image gallery with HTTPS. After you force SSL usage, follow below to add HSTS in Zenphoto. Warning: Once enabled, HSTS disallows the user from overriding an invalid or self-signed certificate message. Your website will be inaccessible without a valid SSL. Add Read More >
Search Results for: HSTS
Add HSTS in Drupal 8 with the Security Kit Module
Adding HSTS (HTTP Strict Transport Security) in Drupal 8 forces web browsers to only load your website with a valid SSL certificate. This improves Drupal security against downgrade attacks and similar man-in-the-middle (MITM) attacks. HSTS is similar to a HTTP to HTTPS redirect but within the browser. Below we’ll cover how to install the Security Read More >
WordPress HTTP Headers Plugin – HSTS
The HTTP Headers plugin has the ability to add, and manage, HTTP Strict Transport Security (HSTS) in your .htaccess file to improve WordPress security. This forces web browsers that support HSTS to only load your website a using secure (HTTPS) connection. You must have a valid paid, or free, SSL certificate installed on your website Read More >
Enable HSTS in Cloudflare
Whether you’re using shared or VPS hosting services to create a website, it’s important to have a SSL for added security. For additional security you can use HTTP Strict Transport Security (HSTS) which forces browsers to request HTTPS pages from your domain. This is typically configured within your .htaccess file. However, those using the Cloudflare Read More >
Force HSTS using .htaccess
HSTS (HTTP Strict Transport Security) protects users from cookie hijacking and protocol downgrade attacks by forcing browsers to request HTTPS pages from your domain. HSTS is similar to a 301 redirect from HTTP to HTTPS but at the browser level. There may be a specific HSTS configuration appropriate for your website. The following are less Read More >
Add Feature-Policy in Drupal 8 with the Security Kit Module
The Feature-Policy HTTP header specifies what browser features can be used on a website and its <iframe> elements. The most common browser features among a long list are autoplay (for videos), camera, fullscreen, and microphone. Below we’ll cover how to install the Security Kit module in Drupal 8 and enable Feature Policy. Get high performance Read More >
How to Install a Zenphoto Plugin
Zenphoto has a long list of plugins for integrating security, reCAPTCHA spam filtering, web analytics, and other features into your image gallery. Below we cover how to install a Zenphoto plugin and view plugin settings. Create new websites on your managed VPS with Softaculous Instant Installer. Install a Zenphoto Plugin Login to Zenphoto. At the Read More >
Add Content-Security-Policy (CSP) in Drupal 8
The Content-Security-Policy Drupal module helps you configure a Header set Content-Security-Policy header to specify what sources your website should load scripts from – (e.g. your own website, embedded YouTube video, and analytics trackers). This forces supporting web browsers to ignore other external requests to mitigate cross-site scripting (XSS) and other code injection attacks. There are Read More >
How to Enable DNSSEC with Cloudflare
In this article, we cover how to implement domain name system security extensions (DNSSEC) with the Cloudflare content delivery network (CDN): Enable DNSSEC Verify DNSSEC is working DNSSEC provides an authentication layer by digitally signing a domain’s DNS records at the authoritative DNS server. With DNSSEC added to a domain, if the DNS cannot be Read More >
10 Ways to Harden Your VPS Hosting
In this article: Security Features Support Options The biggest changes in upgrading from Shared to VPS Hosting are root access and Web Host Manager (WHM). These two capabilities grant you more responsibility for maintaining server security for your content management systems (CMSs), websites, and email solutions. You can access both of these features within your Read More >