HTTP Response Headers

Security Headers

Harden up your security

Additional security at minimal cost

HTTP headers have been introduced to help enhance the security of a website. Some of these headers can be very useful protection against certain type of attacks, but amazingly their use is not widely spread.

Here’s a quick overview of the security features. You don’t need to worry about how to figure it all out though. I have sorted and tested these and am pleased to present a format to suit most WordPress installations.

Content Security Policy
A well-applied Content Security Policy can drastically decrease the chances of exploitation of most forms of cross-site scripting attacks.

The Strict Transport Security (HSTS) header is used to force browsers to communicate only with the server over a secure connection.

This header lets the owner of the website decide which sites are allowed to frame their site. this prevents an attacker from manipulating the victim into unknowingly performing actions on the target website.

This header can be used to enable or disable the built-in feature supported in Internet Explorer, Chrome and Safari, currently.

Helps to prevent browsers from being tricked into making incorrect decisions which would attackers to execute malicious code on victim’s browsers.

Referrer Policy
Referrer Policy will allow a site to control the value of the referrer header in links away from their pages.

Website security is a real issue.

See how the word’s top 100 websites fair in a security analysis.

What do I get?

Security improvement for sites with an SSL certificate – money back GUARANTEE if I do not get your site to at least a Grade C rating

An extra layer of security

Force the browser to communicate only via SSLPrevent modern browsers running in to preventable vulnerabilities, such as Cookie Hijacking

You MUST have an SSL certificate in place to use this service.

How much does it cost?

Every website has different needs, so there is no set price. The starting point is to undertake a security and performance review of your website and make recommendations based on my findings. The cost for a review is just £145 which can then off-set against any future works. Alternatively, you are most welcome to take the information to your current developer.

When do I get it?

All orders will be completed within 5 working days

What do you need from me?

SFTP, FTP or Cpanel (File manager) access