improve language
netcode committed Jul 10, 2017
1 parent 842dc7b commit 0063049
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -22,7 +22,7 @@ Checklist of the most important security countermeasures when designing, testing

## Access
- [ ] Limit requests (Throttling) to avoid DDoS / Bruteforce attacks.
- [ ] Use HTTPS on server side to avoid MITM.
- [ ] Use HTTPS on server side to avoid MITM (Man In The Middle Attack).
- [ ] Use `HSTS` header with SSL to avoid SSL Strip attack.

## Input
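Review bot: The expansion added to the HTTPS item, "(Man In The Middle Attack)", is title-cased and unhyphenated, and it reads as "to avoid MITM (... Attack)" while the neighbouring items say "DDoS / Bruteforce attacks" and "SSL Strip attack". Suggest "to avoid MITM (man-in-the-middle) attacks" so the acronym is explained once and the item matches the phrasing of the lines around it.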
Expand All @@ -40,7 +40,7 @@ Checklist of the most important security countermeasures when designing, testing
- [ ] If you are parsing XML files, make sure entity expansion is not enabled to avoid `Billion Laughs/XML bomb` via exponential entity expansion attack.
- [ ] Use CDN for file uploads.
- [ ] If you are dealing with huge amount of data, use Workers and Queues to return response fast to avoid HTTP Blocking.
- [ ] Do not forget and leave the DEBUG mode on.
- [ ] Do not forget to turn the DEBUG mode OFF.

## Output
- [ ] Send `X-Content-Type-Options: nosniff` header.
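Review bot: The reworded DEBUG item still gives no reason and no scope, unlike the items above it, which name what they prevent ("to avoid HTTP Blocking", "to avoid `Billion Laughs/XML bomb`"). Suggest stating that DEBUG mode must be off in production and why, for example because debug output can expose stack traces and configuration details to clients, and writing "off" in lower case since only DEBUG is a setting name.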