Tag: Secure

Implementing Security Headers in Azure Application Gateway

If your Azure App Service is behind Azure Application Gateway you will need to implement Strict Transport Security and Secure Headers in your Azure Application Gateway instead of App Service’s web.config or .htaccess Azure Application Gateway has an ability to add, remove or modify inbound and outbound headers. This can be done in “Rewrites” section …

Continue reading

Apache HTTPOnly and Secure Cookie

Having HTTPOnly and Secure in HTTP response header can help to protect your web applications from cross-site scripting and session manipulation attacks. Here is how to configure HTTPOnly Secure Cookie Attribute in Apache.

Continue reading

Nginx HTTPOnly and Secure Cookie

Having HTTPOnly and Secure in HTTP response header can help to protect your web applications from cross-site scripting and session manipulation attacks. There are two ways to configure HTTPOnly Secure Cookie Attribute in Nginx.

Continue reading