Site icon API Security Blog

I’m a Senior Security Consultant at Imperva, and I’ve been doing web application security for over 15 years.

Here’s my top 10 list of things that you can do to protect your website from attack:

1. Use HTTPS Everywhere (https://www.eff.org/https-everywhere) 2. Protect Your Cookies (https://blog.imperva.com/2015/05/protecting-your-cookies/) 3. Secure Your Web Server with ModSecurity (https://www.modsecuritybook.com/) 4 . Harden Your PHP Configuration 5 . Use HTTP Strict Transport Security 6 . Implement Content Security Policy 7 . Enforce TLS 8 . Set Up HSTS Preload 9
https://t.co/RdtYoaUPbb

Exit mobile version