Skip to main content

How to correctly set Content-Security-Policy headers?

Setting the Content-Security-Policy (CSP) header correctly is an essential step in enhancing the security of your web application. The CSP header allows you to define a policy that restricts the types of content that can be loaded by a web page, thereby mitigating risks such as cross-site scripting (XSS) and data injection attacks. Here's a general guide on how to correctly set CSP headers:


Drupal security best practices

Drupal Security
I was recently looking certain random things for all Drupal sites that I know to see what information I can get from these sites and I was surprised to see that many of them do not have the basic Drupal security recommendations done. For example, I could tell the exact Drupal, PHP and Nginx versions in many cases. Some of the sites were on Drupal versions that were vulnerable. So I decided to write a checklist that if followed exactly will take care of at least the recommended best practices.
Subscribe to Security


Therefore logo
80 Atlantic Ave, Toronto, ON Canada
Call us: +1 4166405376

Let us know how we can help!