While I was doing SEO for this blog in the past few couple of days, I’ve come across a set of HTTP security headers I’ve never heard of before. These are a set of HTTP headers that you can deploy on your website(s) to tell browsers how to interact with your site in a variety of situations, and they can help to prevent things like cross-site request forgery or iFrame injection XSS attacks from happening on your site, as well as improve your website(s) SEO score (apparently).
Needless to say, I immediately sought to implement them. If you’re looking for some settings that you can copy and paste right into your own web server, read on further.
Continue reading