HTTP security headers are very important part of website security as it protect you against different types of attacks including, XSS, SQL injection, clickjacking, etc. When you visit any website from your web browser, your browser requests it from the web server where the web site is hosted on. The web server then responds with …
Tag: Secure
Nov 25 2021
Implementing Security Headers in Azure Application Gateway
If your Azure App Service is behind Azure Application Gateway you will need to implement Strict Transport Security and Secure Headers in your Azure Application Gateway instead of App Service’s web.config or .htaccess Azure Application Gateway has an ability to add, remove or modify inbound and outbound headers. This can be done in “Rewrites” section …
Dec 27 2017
Apache HTTPOnly and Secure Cookie
Having HTTPOnly and Secure in HTTP response header can help to protect your web applications from cross-site scripting and session manipulation attacks. Here is how to configure HTTPOnly Secure Cookie Attribute in Apache.
Dec 27 2017
Nginx HTTPOnly and Secure Cookie
Having HTTPOnly and Secure in HTTP response header can help to protect your web applications from cross-site scripting and session manipulation attacks. There are two ways to configure HTTPOnly Secure Cookie Attribute in Nginx.