HTTP Security Headers for IIS - Windows and Tool

If you found your application missing  with various security headers which can prevents various kinds of attacks. HTTP security headers provide yet another layer of security by helping to mitigate attacks and security vulnerabilities.

Here we will provide information as how to include those header using IIS.

First visit to check will header are missing.

Complete list is as follows.

   * Open IIS Manager
   * Select the Site you need to enable the header for
   * Go to “HTTP Response Headers”
   * Click “Add” under actions
    * Enter name, value and click Ok

  • X-Content-Type-Options Header

Name : X-Content-Type-Options
Value : nosniff

  • X-Frame-Options Header

Name :X-Frame-Options
Value : DENY

  • X-XSS-Protection Header

Name : X-XSS-Protection

Value : 1; mode=block

  • Content-Security-Policy Header

Name : Content-Security-Policy
Value : default-src 'self'

Name : Content-Security-Policy
Value : script-src 'self'

default-src     Load everything from defined source
script-src     Load only scripts from defined source

  • Referrer-Policy Header

* Update soon

For Apache HTTP Server Nginx MaxCDN visit

Contact us for any question on this topic


How to HIDE IIS ASP.Net and X-Powered-By ASP.NET

Click here to Read Complete Article


Top 5 Largest technology employers in Silicon Valley

Click here to Read Complete Article


DNS flag day 2019 - How to check your website

Click here to Read Complete Article


Removes these 85 dangerous apps from your Android Phone - Complete list

Click here to Read Complete Article

Search for any Payment Gateway PayPal , PayTm , BIKE BOT , Tech Help , Tech News

Click here to Contact for any Integration Help

Click here if you wants free ₹51 in bank account NOW!

Now how to make Money Online for Free

India Asian Gold Medals