diff --git a/h5bp/security/x-content-type-options.conf b/h5bp/security/x-content-type-options.conf
index 3c24518..48f0b41 100644
--- a/h5bp/security/x-content-type-options.conf
+++ b/h5bp/security/x-content-type-options.conf
@@ -1,5 +1,5 @@
 # ----------------------------------------------------------------------
-# | Reducing MIME type security risks |
+# | Content Type Options |
 # ----------------------------------------------------------------------
 
 # Prevent some browsers from MIME-sniffing the response.
diff --git a/h5bp/security/x-frame-options.conf b/h5bp/security/x-frame-options.conf
index bc2e637..fdad5ba 100644
--- a/h5bp/security/x-frame-options.conf
+++ b/h5bp/security/x-frame-options.conf
@@ -1,5 +1,5 @@
 # ----------------------------------------------------------------------
-# | Clickjacking |
+# | Frame Options |
 # ----------------------------------------------------------------------
 
 # Protect website against clickjacking.
diff --git a/h5bp/security/x-xss-protection.conf b/h5bp/security/x-xss-protection.conf
index 8ebc061..f01591d 100644
--- a/h5bp/security/x-xss-protection.conf
+++ b/h5bp/security/x-xss-protection.conf
@@ -1,7 +1,9 @@
 # ----------------------------------------------------------------------
-# | Reflected Cross-Site Scripting (XSS) attacks |
+# | Cross-Site Scripting (XSS) Protection |
 # ----------------------------------------------------------------------
 
+# Protect website reflected Cross-Site Scripting (XSS) attacks.
+#
 # (1) Try to re-enable the cross-site scripting (XSS) filter built
 # into most web browsers.
 #
diff --git a/h5bp/ssl/policy_intermediate.conf b/h5bp/ssl/policy_intermediate.conf
index e9e2a22..b008723 100644
--- a/h5bp/ssl/policy_intermediate.conf
+++ b/h5bp/ssl/policy_intermediate.conf
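Review bot: The summary line added in h5bp/security/x-xss-protection.conf, `# Protect website reflected Cross-Site Scripting (XSS) attacks.`, is missing a preposition and promises more than the header can deliver. The browser XSS filter it refers to only ever covered some reflected cases, and to my knowledge current major browsers have removed it or never shipped it, so a reader may take this snippet for the site's XSS defence. I would word it as `# Ask browsers that still ship an XSS filter to block reflected Cross-Site Scripting (XSS) attacks.` and follow it with `# This is a legacy, best-effort measure; rely on output encoding and a Content-Security-Policy.` The comment block continues below the hunk, so the second line may already be covered there.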
@@ -5,9 +5,9 @@
 # For services that don't need backward compatibility, the parameters
 # below provide a higher level of security.
 #
-# (!) This policy enfore a strong SSL configuration, which may raise
+# (!) This policy enforces a strong SSL configuration, which may raise
 # errors with old clients.
-# If a more compatible profile is required, use intermediate policy.
+# If a more compatible profile is required, use the intermediate policy.
 #
 # (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known
 # to be weak and potentially vulnerable but are required to support
diff --git a/h5bp/ssl/policy_modern.conf b/h5bp/ssl/policy_modern.conf
index 615f3c9..a50a9f2 100644
--- a/h5bp/ssl/policy_modern.conf
+++ b/h5bp/ssl/policy_modern.conf
@@ -3,7 +3,8 @@
 # ----------------------------------------------------------------------
 
 # For services that want to be on the bleeding edge, the parameters
-# below sacrifice compatibility for the highest level of security & performance
+# below sacrifice compatibility for the highest level of security
+# and performance.
 #
 # (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1
 # to be installed.
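Review bot: The reworded fallback line `# If a more compatible profile is required, use the intermediate policy.` is in h5bp/ssl/policy_intermediate.conf, so it sends the reader to the file they are already reading. The warning looks copied from a stricter policy, and the grammar fix keeps the wrong target. An operator who hits handshake failures with old clients gets no usable pointer and may weaken the cipher list by hand instead. Name the profile that really is more compatible, e.g. `# If a more compatible profile is required, use the <MORE_COMPATIBLE_POLICY> policy.` with the project's actual file name filled in. The comment block starts above and continues below the hunk.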
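Review bot: In h5bp/ssl/policy_modern.conf the context line `# (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1` still spells the possessive as `it's`; since this commit is a wording pass over the same paragraph, it should become `its`. The comment also presents 0-RTT only as a version requirement. If the directives below the hunk enable early data (not visible here), I would add a caveat such as `# 0-RTT early data can be replayed; only accept it for idempotent requests.` so that nobody enables it on state-changing endpoints by including this policy.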