Topic: Header Protection htaccess code | BulletProof Security Forum

Header Protection htaccess code

This topic has 1 reply, 2 voices, and was last updated 5 years, 5 months ago by AITpro Admin.

Viewing 2 posts - 1 through 2 (of 2 total)

Author

Posts
November 11, 2018 at 4:16 pm #36621
tcarson
Participant

Was looking if there is a setting in BPSpro to deal with these warnings I got from the scan on my wordpress site. I see WP plugins for security headers but maybe there is a setting to take care on it in BPSpro.

Thanks

IMPROVEMENTS:
Header Referrer-Policy Missing This header should be set to no-referrer to prevent referrer information from being sent.
Header X-Content-Type-Options Missing This header should be set to nosniff to prevent browsers from doing MIME-type sniffing.
Header X-Frame-Options Missing This header should be set to DENY to prevent any domain from framing (iframe) the site.
Header X-XSS-Protection Missing This header should be set to 1 so browsers can attempt to block XSS attacks.
November 11, 2018 at 6:52 pm #36622
AITpro Admin
Keymaster

You can add BPS Bonus Custom Code for Header protection:

Mime Sniffing, Data Sniffing, Content Sniffing, Drive-by Download Attack Protection
https://forum.ait-pro.com/forums/topic/mime-sniffing-data-sniffing-content-sniffing-drive-by-download-attack-protection/
Author

Posts

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.