Frequently Asked Question
Security Headers
Last Updated a year ago
Analyse: https://securityheaders.com/
Quelle: https://www.roundaboutweb.net/sicherheit/security-headers-fuer-wordpress-einrichten/
Eintragung in .htaccess:
### 16.05.2019 | Round About WEB Security Headers ### <ifmodule mod_headers.c> Header set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header set Referrer-Policy "same-origin" Header set X-XSS-Protection "1; mode=block" Header set x-frame-options "SAMEORIGIN" Header set X-Content-Type-Options "nosniff" Header set Feature-Policy "none" Header set Content-Security-Policy "self" Header set Permissions-Policy "accelerometer=(), autoplay=(self), camera=(), encrypted-media=(), fullscreen, geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(); payment=(), picture-in-picture=('self'), usb=()" </ifmodule>