EdgeADC Build 4.2.10
EdgeADC Administration Guide
×
 © Edgenexus Limited, 2021

flightPATH

·     X-Content-Type-Options – add this header if it doesn’t exist and set it to “nosniff” –  prevents the browser from automatically “MIME-Sniffing”.
·     X-Frame-Options – add this header if it doesn’t exist and set it to “SAMEORIGIN” – pages on your website can be included in Frames, but only on other pages within the same website.
·     X-XSS-Protection – add this header if it doesn’t exist and set it to “1; mode=block” – enable browser cross-site scripting protections
·     Strict-Transport-Security – add header if it doesn’t exist and set it to “max-age=31536000 ; includeSubdomains” – ensures client should honor that all links should be HTTPs:// for the max-age