Skip to content

Improve website security settings

Totem website:

  • Enable CSP (if possible)
  • Add header Strict-Transport-Security "max-age=63072000"
  • Add header X-Content-Type-Options "nosniff"
  • Add X-Frame-Options header
  • Add header X-XSS-Protection "1; mode=block"
Edited by Maarten de Waard
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information