Common Security Headers
Strict-Transport-Security
Enforces secure (HTTPS) connections to the server to prevent man-in-the-middle attacks.
Content-Security-Policy
A powerful allow-list mechanism to prevent Cross-Site Scripting (XSS) and data injection.
X-Frame-Options
Protects your visitors against Clickjacking attacks by preventing iframe embedding.