What is this?

This tool generates the web.config settings you need to help make your site more secure.

You simply enable or disable the options you would or wouldn't like to include and it outputs the values for you web.config file at the bottom. Click to go down and see it.

If you have checked your site against securityheaders.io or something similar, they will recommend you implement this security headers.

It can be quite difficult to know exactly what to put in these headers and to know what all of the options are. This tool gives you the options to choose from and outputs the values at the bottom.

Security Settings

Try turning them on and changing the options, see the output at the bottom of the page..

Content Security Policy

This is one of the trickiest values to create and edit. You will need to set all of the third party sources that are allowed to run on your website.

Paste or type in your current CSP value or a starting CSP value

This value will update as you start interacting with the UI below.

Output for your web.config file