If you’ve ever played with web servers, dug into browser dev tools, or optimized a website’s security and performance you’ve probably run into HTTP headers. Among the most common headers, we can find HSTS, used by almost 3500 of the top 10,000 websites in the world, according to the current data provided by Built With. […]
Security is more important than ever, new threats are emerging daily in the internet world. Have you ever wondered how web browsers protect your data integrity when you visit different websites? Meet Cross-Origin-Resource-Policy (CORP), a cool tool to secure your online data. Cross site requests are a big part of web security, especially in the
Cross-Origin-Resource-Policy (CORP) Configuration Guide Read More »
The internet can feel like a minefield sometimes, but features like Cross-Origin Resource Sharing (CORS) are here to make things safer and more reliable. Of course, even the best tools have their flaws. Did you know that a study of the top 1 million websites found that about 3.75% had CORS settings so loose they
CORS Headers: Cross-Origin Resource Sharing Configuration Guide Read More »
The Hidden Dangers of Security Misconfigurations Security misconfigurations are a leading cause of data breaches and cybersecurity incidents. According to IBM’s 2024 Cost of a Data Breach Report, misconfigurations, often categorized under IT failures and human error, contribute to nearly half of all breaches, with associated costs averaging $4.88 million per incident. In fact, Gitprotect
The Hidden Dangers of Security Misconfigurations Read More »
Despite its intricate name, this policy plays a key role in stopping security threats by regulating the incorporation of web resources into a page from external sources. COEP is a security feature that allows only reliable elements to access your website, which shields us against some potential vulnerabilities. Additionally, implementing headers that enable cross origin
Cross Origin Embedder Policy: An Essential Tool for Ensuring Web Security Read More »
Nowadays, the issue of online privacy has become a top priority for both internet users and developers. As we surf the web, we encounter many websites and applications that often request access to our personal information and our device’s resources. This has created a critical need to manage and control who and what can access
Permissions Policy HTTP Header: Configuration and Examples Read More »
What are DNS Misconfigurations? And How to Prevent Them When was the last time you looked at your DNS settings? For many organizations, DNS is an essential part of their infrastructure. It quietly translates domain names into IP addresses, and it is all good until something goes wrong. Misconfigurations in DNS are a goldmine for
What is an SSL Certificate Issuer? The internet is a great place but there are a lot of bad guys out there so securing sensitive data is super important. SSL/TLS certificates play a big role in securing online communication. But who exactly gives these certificates the thumbs up? Enter SSL/TLS Certificate Issuers: these are the
IIS is a popular web server developed by Microsoft for its Windows Server operating system. While not as popular as Apache or Nginx, it’s still quite used in the Windows hosting environment. That’s one of the reasons on why IIS security is still so important these days. Currently, IIS has an estimated market share of
IIS Security: Top Tips to Harden your IIS Web Server Read More »
Taking care of your Apache Security is probably one of the first things you should do after installing your web server, as it’s key to your web applications and data safety. Even before focusing on optimizations, we must prioritize security practices to prevent unauthorized access, data breaches, and vulnerabilities. Apache is one of the most
