Browser security

From bibbleWiki

Revision as of 06:01, 4 September 2020 by Iwiseman (talk | contribs) (→CSP Content Security Policy)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Resources

https://caniuse.com/ great for seeing usage across browsers

HSTS HTTP Strict Transport Security

Set up Apache HSTS

In Apache 2 000-default.conf

<VirtualHost *:80> 
ServerName example.com 
Redirect permanent / https://example.com/
</VirtualHost>

In Apache 2 default-ssl.conf

Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"

HPKP HTTP Public Key Pinning

Content Security Policy (CSP)

Tools

Retrieved from "https://www.bibble.co.nz/mediawiki/index.php?title=Browser_security&oldid=1912"