Configure security features
Configure security settings such as XSS protection or HSTS
Attempt to fix security issues associated with target=_blank
Automatically fix security and performance issues induced by target=_blank by adding rel="opener" or rel="noreferrer" or both values
Tell the browser it should only use https
HSTS header lifetime
apply HSTS settings to subdomains
Make your web site available with https only in some browsers. For more information, please see https://hstspreload.org/
Configure the X-Frames-Options header. Values are
- None: do not override the header
- Deny: set the value to DENY
- Same Origin: Set the value to SAME_ORIGIN
- Allow From an Origin: allow frame inclusion from the url provided in Allow from URI setting
Allow your website to be embedded from this a specific URI. X-Frame-Options value must be set to 'Allow from an origin' for this to work
Configure X-Content-Type-Options header. Values are
- None: do not send the header
- No Sniff: The client should not attempt to guess the content mime type
Configure XSS-Protection header. Values are
- None: do not override the header
- Disable: do not send the header
- Filter: enable XSS-Protection filtering. The browser will sanitize the page
- Block: enable XSS-Protection filtering. The browser will block page rendering if anattack is detected
- Block and Report: enable XSS-Protection filtering. The browser will sanitize the page and report the violation to the URI configured with XSS Report URL setting
Prevent script and css tampering by adding a signature to the HTML tag. Values are
- None: do not set the SRI
- SHA256: compute SRI using SHA256
- SHA384: compute SRI using SHA384
- SHA512: compute SRI using SHA512
Change the value of the meta generator header to a custom value
Configure the secret token used to access the Joomla administrator. For example if you configure secret123 as your secret token, you will need to access your joomla administrator by adding ?secret123 at the end of the url
https://www.mywebsite.com/administrator/?secret123