The Daily Dose

Building secure Web apps isn’t exactly easy, but there are a number of small tweaks you can implement using HTTP security headers to help protect yourself against attacks. With relatively simple configuration changes, modern headers like CONTENT-SECURITY-POLICY and X-FRAME-OPTIONS allow you to protect your site against cross-site-scripting attacks or clickjacking with a small change. Unfortunately, most people don’t know about security headers or how easy they are to implement. A new Web app, securityheaders.io, gives you actionable fixes for your Web app by simply typing in a domain name. What’s most fascinating is the distribution of sites across the test so far. Only 1,407 sites achieved…

This story continues at The Next Web