Ninetiger blog

-- my reminder

A couple of security settings in web.config's customHeaders section

Date: 2016-05-03 03:31:26 | By: ninetiger | Tags: Asp.net, Security 
<configuration>
   <system.webServer>
      <httpProtocol>
        <remove name="X-Powered-By" />
         <customHeaders>
            <add name="X-Frame-Options" value="DENY" />
            <add name="X-XSS-Protection" value="1;mode=block" />
            <add name="X-Content-Type-Options" value="nosniff" />
         </customHeaders>
      </httpProtocol>
   </system.webServer>
</configuration>

X-Frame-Options: Disable other website to show my webpages in their web pages using iframes.

Tags: Asp.net, Security
Comments:

Latest updates

[2019-06-20] Sql script checks: before create table or sp

[2019-06-13] Read appsettings.json (*.json) from .net Core library project

[2019-04-14] Convert .cert and .key to .pfx cert

[2017-03-09] Azure asp.net website upload with Proxy setup

[2017-02-24] How to only clone subdirectories from a Git Repository

[2017-02-07] Git push hanging on large size files

[2016-12-28] How do interest rates affect stock prices?

[2016-11-23] Npm & Bower proxy setup for Visual Studio (vs2015) behind firewall

[2016-11-20] Show img with cover 100% div and control which part of the img to show

[2016-11-15] git: How to change default Branch in a bare repository

Archives

  1. 2019 June (2)
  2. 2019 April (1)
  3. 2017 March (1)
  4. 2017 February (2)
  5. 2016 December (1)
  6. 2016 November (7)
  7. 2016 August (1)
  8. 2016 June (1)
  9. 2016 May (2)
  10. 2016 April (2)
  11. 2016 March (1)
  12. 2016 January (1)

Tags

Misc Bootstrap Git Asp.net Security Exchange Server css javascript Shares iis .Net Core SQL

Back to top