Du bist hier:
You want to protect your website against Cross Site Scripting or Phishing? Then follow these instructions and check if your website works.
- In the hosting administration you activate HSTS  and OCSP  in the SSL settings.
- Now create a .htaccess in your main domain directory and add the following code:
#FireStorm Security Headers <IfModule mod_headers.c> Header set X-Content-Type-Options nosniff </IfModule> Header set Content-Security-Policy "default-src 'self';" Header set X-Frame-Options "SAMEORIGIN" Header set Referrer-Policy "no-referrer" Header set Permissions-Policy "microphone 'none'; geolocation 'none'"
- If you check your website, you should get the highest award at the following link: https://securityheaders.com/.
- Now check your website if everything is still working properly.