Skip to content

Month: October 2020

Security Headers

I still use Apache for a web server because of the vast amount of documentation on the web, something I’ve overlooked for a long time are security headers… The more I read about security breaches from other sites the more paranoid I get about the sites I have on the internet.

Enabling Apache security headers is pretty straight forward, first enable the Apache module headers

sudo a2enmod headers

And reload Apache

sudo systemctl restart apache2

You may wish to go into each individual virtual host to enable specific headers for specific sites but in my case I’m going to edit the Apache config which effects every website running.

Open Apache config