Security headers are easily overlooked in website audits. While some may say that website security is not an SEO-related concern, it does become SEO-related when a site becomes hacked and search ...

A researcher has created a method for testing and identifying how HTTP/HTTPS headers can be abused to sneak malicious code into back-end servers. Daniel Thatcher, researcher and penetration tester at ...

In light of overall low adoption of HTTP security headers, Mozilla is advising webmasters to at least implement X-Frame-Options on their sites, arguing that this header can prevent several types of ...

When it comes to optimizing your website for search engines, every detail matters — including the HTTP headers. But what exactly are HTTP headers, and why should you care? HTTP headers allow the ...

A recent Google SEO Office Hours featured a question about whether a security header conferred a ranking influence. It’s not as far out a question as it first appears because a security header like ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.

The other day, Jack Stonehouse asked me on Twitter why I was using a 307 redirect from the HTTP to HTTPS version of this site. The answer was, I was not. But why was he getting a 307 redirect and not ...

In light of overall low adoption of HTTP security headers, Mozilla is advising webmasters to at least implement X-Frame-Options on their sites, arguing that this header can prevent several types of ...