Add Content-Security-Policy (CSP) in Drupal 8

The Content-Security-Policy Drupal module helps you configure a Header set Content-Security-Policy header to specify what sources your website should load scripts from – (e.g. your own website, embedded YouTube video, and analytics trackers). This forces supporting web browsers to ignore other external requests to mitigate cross-site scripting (XSS) and other code injection attacks. There are Read More >

How to Add Referrer-Policy and X-Frame-Options in Zenphoto

After installing the Zenphoto image gallery content management system (CMS), available in Softaculous, there are multiple ways to easily improve website security: Force HTTPS (SSL certificate) Enforce minimum password strength Data privacy settings for GDPR and CCPA compliance But as stated in our Web Hosting New Year’s Resolutions for 2020 blog earlier this year, there Read More >

HTTP Headers WordPress Plugin – Feature Policy

The HTTP Headers plugin can set Feature-Policy to block web browser features (e.g. video autoplay, camera, and microphone) for improved WordPress security. Below we cover how to configure Feature Policy in WordPress. Get more performance and security features with our NGINX-powered WordPress Hosting. Feature Policy Install, and activate, the HTTP Headers plugin using your WordPress Read More >

Add X-Frame-Options in Drupal 8 with the Security Kit Module

The X-Frame-Options HTTP header specifies whether your Drupal website can be displayed within other websites with the <frame>, <iframe>, <object>, or <embed> HTML tags. This improves Drupal security against clickjacking and related cyber attacks. Below we’ll cover how to install the Security Kit module and enable X-Frames-Options. Mozilla recommends using the superseding Content Security Policy Read More >

How to Manage ConfigServer Security & Firewall (CSF) Profiles

In this article: Backup Restore Compare Configurations It behooves VPS and Dedicated server administrators to understand backup options available within WebHost Manager (WHM): cPanel, website, database, WHM-scheduled backups, and Softaculous backups. There’s also Snapshots in your Account Management Panel (AMP). If you’re auditing logs for how well your security has improved throughout a duration of Read More >