HTTP Headers WordPress Plugin – Content Security Policy (CSP)

The HTTP Headers plugin makes it easy to configure Content Security Policy (CSP) for WordPress security. The Header set Content-Security-Policy header forces web browsers to only load what’s specified within your CSP. Think of CSP as a “code firewall.” No matter what code is in that webpage, the browser is only allowed to load what’s Read More >

Add Content-Security-Policy (CSP) in Drupal 8

The Content-Security-Policy Drupal module helps you configure a Header set Content-Security-Policy header to specify what sources your website should load scripts from – (e.g. your own website, embedded YouTube video, and analytics trackers). This forces supporting web browsers to ignore other external requests to mitigate cross-site scripting (XSS) and other code injection attacks. There are Read More >

How to Add Referrer-Policy and X-Frame-Options in Zenphoto

After installing the Zenphoto image gallery content management system (CMS), available in Softaculous, there are multiple ways to easily improve website security: Force HTTPS (SSL certificate) Enforce minimum password strength Data privacy settings for GDPR and CCPA compliance But as stated in our Web Hosting New Year’s Resolutions for 2020 blog earlier this year, there Read More >

HTTP Headers WordPress Plugin – Referrer-Policy

The HTTP Headers plugin can set a referrer-policy header to control what information is sent through the referer header with URI requests. This prevents URLs with sensitive information from showing up in web analytics software logs. For example, clicking links on a password reset page could send user credentials within the referrer. Below we cover Read More >

HTTP Headers WordPress Plugin – Feature Policy

The HTTP Headers plugin can set Feature-Policy to block web browser features (e.g. video autoplay, camera, and microphone) for improved WordPress security. Below we cover how to configure Feature Policy in WordPress. Get more performance and security features with our NGINX-powered WordPress Hosting. Feature Policy Install, and activate, the HTTP Headers plugin using your WordPress Read More >

Add Feature-Policy in Drupal 8 with the Security Kit Module

The Feature-Policy HTTP header specifies what browser features can be used on a website and its <iframe> elements. The most common browser features among a long list are autoplay (for videos), camera, fullscreen, and microphone. Below we’ll cover how to install the Security Kit module in Drupal 8 and enable Feature Policy. Get high performance Read More >

Add X-Frame-Options in Drupal 8 with the Security Kit Module

The X-Frame-Options HTTP header specifies whether your Drupal website can be displayed within other websites with the <frame>, <iframe>, <object>, or <embed> HTML tags. This improves Drupal security against clickjacking and related cyber attacks. Below we’ll cover how to install the Security Kit module and enable X-Frames-Options. Mozilla recommends using the superseding Content Security Policy Read More >

WP Cerber Security Hardening Options

In this article: Hardening Options Server Hardening Options With WP Cerber Security having so many features, it can replace other single-purpose WordPress security plugins you may have installed. It can set up a maintenance page for when your website is under construction. It has an access control list (ACL) and custom email notifications. WP Cerber Read More >

How to Manage ConfigServer Security & Firewall (CSF) Profiles

In this article: Backup Restore Compare Configurations It behooves VPS and Dedicated server administrators to understand backup options available within WebHost Manager (WHM): cPanel, website, database, WHM-scheduled backups, and Softaculous backups. There’s also Snapshots in your Account Management Panel (AMP). If you’re auditing logs for how well your security has improved throughout a duration of Read More >

Why Security is Important for Small Business Websites

Security is an important ongoing task when you create a website, with or without an e-commerce store. Cyber attacks aren’t slowing down. But you don’t want your small business slowing down as a result to this. And it doesn’t have to. There’s always news covering the consequences of businesses being hacked for personally identifiable information Read More >