Compare commits

..

3 Commits

Author SHA1 Message Date
Ethan Yoo 820bebe032
Replace link to Mozilla Observatory 2024-07-08 19:06:42 -04:00
Ethan Yoo 33e452b59e
Update .htaccess file 2024-07-08 19:01:28 -04:00
Ethan Yoo 680cc20064
Update icon directory 2024-07-08 18:49:00 -04:00
5 changed files with 2 additions and 2 deletions

View File

@ -13,7 +13,7 @@ I do not have access logs enabled. [Access logs](https://httpd.apache.org/docs/c
Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have *disabled* prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. **If you click on an external link, you are still subject to the privacy and security policies of that outside website.** Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have *disabled* prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. **If you click on an external link, you are still subject to the privacy and security policies of that outside website.**
Your connection to this website is secured by, among other settings, [HTTP Strict Transport Security (HSTS)](https://hstspreload.org/) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://observatory.mozilla.org/) Your connection to this website is secured by, among other settings, [HTTP Strict Transport Security (HSTS)](https://hstspreload.org/) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://developer.mozilla.org/en-US/observatory/analyze?host=ethanyoo.com)
Your email address is considered personal information under, for example, the [California Consumer Privacy Act of 2018.](https://www.oag.ca.gov/privacy/ccpa) That being said, I have no interest in sharing *anyone's* information with third parties. Your email address is considered personal information under, for example, the [California Consumer Privacy Act of 2018.](https://www.oag.ca.gov/privacy/ccpa) That being said, I have no interest in sharing *anyone's* information with third parties.
@ -24,3 +24,4 @@ If you do contact me, you're not required to use a real name or a permanent emai
*Updated on **December 29, 2022** after adding the website's search function*\ *Updated on **December 29, 2022** after adding the website's search function*\
*Updated on **March 12, 2023** to move a sentence describing the website's search function*\ *Updated on **March 12, 2023** to move a sentence describing the website's search function*\
*Updated on **June 2, 2024** to reflect the use of Plausible Community Edition and to change some wording* *Updated on **June 2, 2024** to reflect the use of Plausible Community Edition and to change some wording*
*Updated on **July 8, 2024** to replace the link to Mozilla Observatory ([deprecated](https://developer.mozilla.org/en-US/blog/mdn-http-observatory-launch/)) with a link to the [MDN HTTP Observatory](https://developer.mozilla.org/en-US/observatory)*

View File

@ -1,7 +1,6 @@
# Security tests: https://observatory.mozilla.org/ # Security tests: https://observatory.mozilla.org/
# Disable DNS prefetching: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control # Disable DNS prefetching: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
Header always set Access-Control-Allow-Origin "analytics.ethanyoo.com" Header always set Access-Control-Allow-Origin "analytics.ethanyoo.com"
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Frame-Options "DENY" Header always set X-Frame-Options "DENY"
Header always set X-DNS-Prefetch-Control "off" Header always set X-DNS-Prefetch-Control "off"
Header always set X-Content-Type-Options "nosniff" Header always set X-Content-Type-Options "nosniff"

Binary file not shown.

Before

Width:  |  Height:  |  Size: 5.9 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 19 KiB

After

Width:  |  Height:  |  Size: 6.7 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 65 KiB

After

Width:  |  Height:  |  Size: 2.3 KiB