Browser security: Difference between revisions

From bibbleWiki
Jump to navigation Jump to search
← Older editNewer edit →
VisualWikitext
Line 14: Line 14:
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
</syntaxhighlight>
</syntaxhighlight>
=HPKP HTTP Public Key Pinning =
=HTTP Public Key Pinning (HPKP)=
 
=Content Security Policy (CSP)=
=Content Security Policy (CSP)=


=Tools=
=Tools=

Revision as of 06:01, 4 September 2020

Resources

HSTS HTTP Strict Transport Security

Set up Apache HSTS

In Apache 2 000-default.conf 

<VirtualHost *:80> 
ServerName example.com 
Redirect permanent / https://example.com/
</VirtualHost>

In Apache 2 default-ssl.conf 

Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"

HTTP Public Key Pinning (HPKP)

Content Security Policy (CSP)

Tools

Retrieved from "https://wiki.bibble.co.nz/mediawiki/index.php?title=Browser_security&oldid=1913"