Compare commits
No commits in common. "820bebe032980f521cd80827e044782dd5bddd9d" and "78a7d913fe6a4bce9ec6a91b4d5e98d21d281580" have entirely different histories.
820bebe032
...
78a7d913fe
|
@ -13,7 +13,7 @@ I do not have access logs enabled. [Access logs](https://httpd.apache.org/docs/c
|
|||
|
||||
Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have *disabled* prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. **If you click on an external link, you are still subject to the privacy and security policies of that outside website.**
|
||||
|
||||
Your connection to this website is secured by, among other settings, [HTTP Strict Transport Security (HSTS)](https://hstspreload.org/) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://developer.mozilla.org/en-US/observatory/analyze?host=ethanyoo.com)
|
||||
Your connection to this website is secured by, among other settings, [HTTP Strict Transport Security (HSTS)](https://hstspreload.org/) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://observatory.mozilla.org/)
|
||||
|
||||
Your email address is considered personal information under, for example, the [California Consumer Privacy Act of 2018.](https://www.oag.ca.gov/privacy/ccpa) That being said, I have no interest in sharing *anyone's* information with third parties.
|
||||
|
||||
|
@ -24,4 +24,3 @@ If you do contact me, you're not required to use a real name or a permanent emai
|
|||
*Updated on **December 29, 2022** after adding the website's search function*\
|
||||
*Updated on **March 12, 2023** to move a sentence describing the website's search function*\
|
||||
*Updated on **June 2, 2024** to reflect the use of Plausible Community Edition and to change some wording*
|
||||
*Updated on **July 8, 2024** to replace the link to Mozilla Observatory ([deprecated](https://developer.mozilla.org/en-US/blog/mdn-http-observatory-launch/)) with a link to the [MDN HTTP Observatory](https://developer.mozilla.org/en-US/observatory)*
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
# Security tests: https://observatory.mozilla.org/
|
||||
# Disable DNS prefetching: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
|
||||
Header always set Access-Control-Allow-Origin "analytics.ethanyoo.com"
|
||||
Header always set X-XSS-Protection "1; mode=block"
|
||||
Header always set X-Frame-Options "DENY"
|
||||
Header always set X-DNS-Prefetch-Control "off"
|
||||
Header always set X-Content-Type-Options "nosniff"
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 5.9 KiB |
Binary file not shown.
Before Width: | Height: | Size: 6.7 KiB After Width: | Height: | Size: 19 KiB |
Binary file not shown.
Before Width: | Height: | Size: 2.3 KiB After Width: | Height: | Size: 65 KiB |
Loading…
Reference in New Issue