HTTP security headers provide another layer of security, helping to mitigate attacks and security vulnerabilities. These headers protect against XSS, code injection, clickjacking, etc. They have nothing to do with your SSL (Secure Socket Layers) Certificate but as a rule, should always be implemented to increase your website’s protection against unwanted attacks.
Here’s a quick tip to check the basic security of your website in four simple steps:
Step 1. Visit this website https://securityheaders.com
Step 2. Type in your website address into the box provided.
Step 3. Click on the black scan button.
Step 4. Sit back and wait a few seconds for your results.
What did your website score? If it’s an A+ to B you’re being well looked after, your security headers have been set up well. Anything below that and you might want to consider finding out why. Web security is vitally important to website owners and you really expect everything to be covered.
This is one of the first things we set on all our websites and although we are working towards the A+ result we are happy that we have scored an A on all our sites.