Thoughts on Umbraco health, web performance, security hardening and operational best practices.
Security issues in Umbraco projects often don’t come from major flaws, but from small, easily overlooked gaps - like missing headers, inconsistent HTTPS enforcement, or outdated configurations. Over time, these can add up and increase risk without being immediately visible.
Security headers are small but powerful settings your Umbraco 17 website sends to a user’s browser to help keep things safe. They protect against common threats like malicious scripts, clickjacking, and insecure connections - without affecting how your site looks or works.