If you have ever used Screaming Frog, you have probably encountered a bunch of warnings in the “Issues” tab. Common security-related warnings are:
- Missing HSTS Header
- Missing Content-Security-Policy Header
- Missing X-Content-Type-Options Header
- Missing Secure Referrer-Policy Header
- Missing X-Frame-Options Header
Even though they are usually low-priority SEO issues (you can read their descriptions in detail inside Screaming Frog), they can be fixed in less than a minute on Apache with mod_headers enabled by adding this to .htaccess:
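```apache
# "always" also applies the header to error responses
Header always set Strict-Transport-Security "max-age=31536000"
Header always set X-Content-Type-Options "nosniff"
# default-src 'self' blocks inline and third-party scripts, styles and fonts; test before deploying
Header always set Content-Security-Policy "default-src 'self';"
Header always set Referrer-Policy "strict-origin-when-cross-origin"
Header always set X-Frame-Options "SAMEORIGIN"
```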
That’s it! Five fewer things to worry about.
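To confirm the headers are really being served after the change, the response head (for example, saved `curl -sI` output) can be checked against the five warnings listed above. This is an added example, not code from the original post or from Screaming Frog; `parse_headers`, `audit`, the accepted Referrer-Policy set and both sample responses are assumptions constructed for illustration.

```python
import re
# Assumption: Referrer-Policy values this example accepts as "secure".
SECURE_REFERRER = {"no-referrer", "same-origin", "strict-origin", "strict-origin-when-cross-origin"}

def parse_headers(raw):
    """Parse a raw response head into {lowercase name: [values]}, keeping repeats."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:      # skip the status line
        if not line.strip():
            break                                   # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit(raw):
    """Return the list of findings for one response head."""
    h, issues = parse_headers(raw), []
    hsts = re.search(r"max-age=(\d+)", ",".join(h.get("strict-transport-security", [])), re.I)
    if not hsts or int(hsts.group(1)) == 0:         # max-age=0 switches HSTS off
        issues.append("Missing HSTS Header")
    csp = h.get("content-security-policy", [])
    if not csp:
        issues.append("Missing Content-Security-Policy Header")
    elif len(csp) > 1:                              # browsers enforce every copy
        issues.append("Duplicate Content-Security-Policy Header")
    if [v.lower() for v in h.get("x-content-type-options", [])] != ["nosniff"]:
        issues.append("Missing X-Content-Type-Options Header")
    ref = [v.lower() for v in h.get("referrer-policy", [])]
    if not ref or ref[-1].split(",")[-1].strip() not in SECURE_REFERRER:  # last listed policy
        issues.append("Missing Secure Referrer-Policy Header")
    if not any(v.upper() in ("DENY", "SAMEORIGIN") for v in h.get("x-frame-options", [])):
        issues.append("Missing X-Frame-Options Header")
    return issues

# Constructed sample responses (not captured from a real site).
GOOD = """HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
"""
BAD = """HTTP/1.1 200 OK
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';
Content-Security-Policy: default-src 'self';
Referrer-Policy: unsafe-url
"""
```

`audit(GOOD)` returns an empty list; `audit(BAD)` reports the missing HSTS and X-Frame-Options headers, the weak Referrer-Policy, and the repeated CSP header that Apache's `Header add` can produce when the same policy is configured in more than one place.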