Vicentini Webdesign Blog

Tips, instructions, workflows, inspiration, news and trends


HTTP security header for the .htaccess file

I check my customers’ websites for their technical security for GDPR. What’s really bad on all websites are the HTTP headers. SIWECOS* recommends the following settings for the .htaccess file: #START HTTP Security header #Content Security Policy-CSP-HEADER # Download content only from sites explicitly allowed # Example: Allow everything from your own domain, no externas: […]

Scroll to Top