Security Overview

Security level in your website controls the HTTP security headers to be returned to the browser when a resource is requested.

The table below shows the values of HTTP security headers for different Security levels.

HTTP HeaderNoBasicStandardFull
Referrer-Policy𐄂no-referrer-when-downgradestrict-originsame-origin
X-Content-Type-Options𐄂nosniffnosniffnosniff
X-Frame-Options𐄂sameoriginsameoriginsameorigin
X-Xss-Protection𐄂1; mode=block1; mode=block1; mode=block
Strict-Transport-Security𐄂𐄂𐄂max-age=31536000; preload
Feature-Policy𐄂layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'
Content-Security-Policy𐄂default-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' ws: wss: http: https:default-src 'self' data: 'unsafe-inline' wss: https:default-src 'self' data: wss: https:

You could use external service like securityheaders.com to scan your website.

We use cookies to offer you a better experience and analyze site traffic. By continuing to use this website, you consent to the use of our cookies.