Help make the web a safer place!

COS websites hosted on HubSpot infrastructure lack essential headers that are needed for helping protect a site and its visitors:

  • Strict-Transport-Security
  • X-Frame-Options
  • X-XSS-Protection
  • X-Content-Type-Options
  • Referrer-Policy

You can see this for yourself here:


Can Hubspot please look at implementing these basic security headers that can be easily implemented on a LAMP or ISS hosted website.

HubSpot updates