Home Forums Webinar Discussions Do you have a topic you would like to see in a future webinar?

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #16058
    Benjamin
    Keymaster

    While I'm always scouring the internet for ideas on the next webinar or topics to discuss with the community, sometimes you may have specific plugins, themes, tools, ideas, questions, etc that you would like to see covered in a WPStudio Live Training Webinar.  So, here is your chance to ask for different topics.  This is also a chance to reaffirm other members' ideas for future training. I will rely heavily on member requests.

    But I do have one suggestion... when you request or list ideas for a webinar, it would be great if you could include links to specific plugins/themes/ideas that you want to learn more about as well as maybe provide an example or two of why this type of training might be helpful for the community.

    #17289
    BG
    Participant

    Would it be possible to have a webinar about "Security Headers" (and what to do if you find out they are "missing")?

    Reason for my request: Checking my own or customer websites on Website Vulnerability Scanner the "Website Security Score" is usually "F" (or at best "D"). Details e.g. read like this:

    The following security headers are missing from the website:

    Strict Transport Security (HIGH SEVERITY)
    A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

    X Content Type Options (LOW SEVERITY)
    The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions

    X Frame Options (MEDIUM SEVERITY)
    Clickjacking protection: deny - no rendering within a frame, sameorigin - no rendering if origin mismatch, allow-from - allow from specified location, allowall - non-standard, allow from any location

    Content Security Policy (HIGH SEVERITY)
    A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context

    X XSS Protection (LOW SEVERITY)
    A Cross-site scripting filter

    (BTW: even google.com scores only "D" when I checked...)

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.