Knowledge base
1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
Disable Automatic Resource Type Detection
This guide explains how to protect a website from malicious exploitation of MIME Sniffing. Some internet browsers (including Chrome and Internet Explorer) have a feature (MIME-Type sniffing) that automatically detects the type of a web resource. Therefore, a resource declared as an image could be interpreted as a script if its content suggests so.
If you want to guard against this risk, the solution is to disable automatic resource type detection via the .htaccess file of your websites. Learn more
Disable MIME-Type Sniffing
- Open the .htaccess file of the relevant site using FTP Manager or an FTP software
- Add the following code, starting with:
<ifmodule mod_headers.c="">
- Add the following code:
Header always set X-Content-Type-Options "nosniff" - End with:
</ifmodule>
- Save the .htaccess file
Link to this FAQ: