Security

Home /
Categories /
Security

Content-Security-Policy

Pieter van der Meer
Howto , Apache , Ssl , Security

This is the third article in the series of hardening this webserver. If you have not read them, please read: Protecting my Webserver and SSL Cypher hardening. In this article, I show the usage of the Content-Security-Policy header. This header helps you reduce XSS risks on modern browsers by declaring what dynamic resources are allowed to load via an HTTP Header.

SSL Cypher hardening

Pieter van der Meer
Howto , Apache , Ssl , Security

I the previous post I described simple actions that you can take to harden your web server. It showed you headers that you can alter without too much interference on the functioning.

Protecting my web server

Pieter van der Meer
Howto , Apache , Ssl , Security

Just recently I finished an article for the Dutch Java magazine about securing your website by means of https connections. In the article, we (Ivo Woltring and I) describe details on how to get a certificate for your Webserver from the LetsEncrypt CA.