Barry Pollard's Blog, page 2

If you've ever thought of publishing a tech book then read up on my experiences writing HTTP/2 in Action for Manning.

Practical tips to speed up, secure and improve your website. Tweak your server config, optimise your https config and improve SEO of your website.

Make your website more secure by following these top 5 recommendations (including patching, HTTPS, HTTP security headers and implementing a WAF).

Use the X-Content-Type-Options HTTP Header to add security to your website by preventing files of one type being downloaded and used as another type.

Learn how Content Security Policy (CSP) can be used to secure your website and prevent Cross Site Scripting (XSS) and other such attacks.

Improve security of your website by forcing HTTPS all the time, with the use of the HSTS Header. Also learn about the risks and when you should NOT use it.

Hide server version from HTTP Headers to reduce the information about the software your server runs on which is recommended to improve security.

Secure your website by using Secure and HttpOnly Cookies only so they cannot be stolen and used to attack your website.

Improve the securiry on your website by ensuring that basic Cross Site Scripting protections in browsers are always switched on for your site.

Learn how HTTP security headers returned by your web server can be used to secure your website. Including some of the newer HSTS, CSP and HPKP options.