Webflow offers basic website security through SSL, but the header configuration options are generally quite limited.
Hyperspeed gives you the ability to add these secure header configurations to your site.
HSTS enforces secure connections to your website by automatically redirecting HTTP requests to HTTPS. This prevents man-in-the-middle attacks and ensures data integrity and privacy.
Jul-2024 - HSTS headers have been added to Webflow,
The Access-Control-Allow-Origin header manages which domains can access your resources. By configuring this header, HyperSpeed restricts resource access to specified origins, protecting your site from malicious cross-origin requests and reducing the risk of data leaks.
Permissions-Policy, previously known as Feature-Policy, controls which web features and APIs can be used in the browser. By setting policies such as geolocation, camera, and microphone, HyperSpeed limits the capabilities that can be exploited by malicious scripts and IFRAME-embedded content, enhancing your site's security and user privacy.
For example, this would block camera use entirely;
Permissions-Policy: camera=()
While this would restrict use to specific origins
Permissions-Policy: camera=(self "https://www.mysite.com")
The Referrer-Policy header controls the amount of referrer information sent with requests. By configuring it to strict settings, HyperSpeed minimizes the risk of leaking sensitive URL data to third-party sites, maintaining the confidentiality of your users' browsing history and interactions on your site.
Each of these headers plays a crucial role in strengthening your website's security, ensuring a safer experience for your users and protecting your site from various web threats. HyperSpeed simplifies the management of these headers, allowing you to focus on your core business while maintaining robust security.
Do you need this feature on your site?
We love working with great clients, and building great systems. Give us a shout.
Click on any item to view that FAQ.
