To improve the security of your site (and your users) against some types of drive-by downloads, it is recommended that you add the following header to your site:
X-Content-Type-Options: nosniff
It is supported by IE (Internet Explorer) and Chrome and prevents them from MIME-sniffing a response away from the declared content-type.
This article from Microsoft explains it: Reducing MIME type security risks
Enabling this header
You can enable it by modifying your Apache settings or your .htaccess file, and adding the following line to it:
<IfModule mod_headers.c>
Header set X-Content-Type-Options nosniff
</IfModule>
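To confirm the header actually takes effect once it is enabled, the following added example (not Sucuri's code) checks raw response headers the way the Fetch standard describes browsers doing: only the first comma-separated X-Content-Type-Options token counts. The function names and sample responses are constructed for illustration; the error-page sample reflects that Apache's `Header set` without the `always` condition is not applied to error responses.

```python
# Added example, not from the original page. All sample responses are constructed.
HEADER = "x-content-type-options"

def parse_head(raw):
    """Split a raw response head into (status_code, [(lowercased name, value)])."""
    lines = raw.strip().splitlines()
    status = int(lines[0].split()[1])          # "HTTP/1.1 200 OK" -> 200
    fields = []
    for line in lines[1:]:
        if not line.strip():                   # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if sep:
            fields.append((name.strip().lower(), value.strip()))
    return status, fields

def nosniff_effective(raw):
    """True if the first X-Content-Type-Options token is "nosniff".

    Mirrors the browser rule in the Fetch standard: repeated headers are
    combined, split on commas, and only the first token is compared
    (case-insensitively). Simplified: no quoted-string handling.
    """
    _, fields = parse_head(raw)
    tokens = [t.strip() for name, value in fields if name == HEADER
              for t in value.split(",")]
    return bool(tokens) and tokens[0].lower() == "nosniff"

def audit(responses):
    """Return the labels of responses where nosniff is missing or ineffective."""
    return [label for label, raw in responses.items() if not nosniff_effective(raw)]

# Constructed sample response heads, in the shape `curl -sI` prints them.
SAMPLES = {
    "page": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nX-Content-Type-Options: nosniff\r\n\r\n",
    "mixed-case": "HTTP/1.1 200 OK\r\nx-content-type-options: NoSniff\r\n\r\n",
    "typo": "HTTP/1.1 200 OK\r\nX-Content-Type-Options: no-sniff\r\n\r\n",
    "wrong-first": "HTTP/1.1 200 OK\r\nX-Content-Type-Options: foo\r\nX-Content-Type-Options: nosniff\r\n\r\n",
    # Error response without the header, as when `Header set` lacks `always`.
    "error-page": "HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n",
}

if __name__ == "__main__":
    for label in audit(SAMPLES):
        print("nosniff not effective:", label)
```

To test a live site, pass the saved output of `curl -sI` for both a normal page and an error page to `nosniff_effective`.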
Sucuri Customers
Or you can enable it automatically on CloudProxy (along with other security headers) by setting "Additional Security Headers" to on. Note that it is enabled by default for all our customers.
If you have any questions, please contact our research team at research@sucuri.net.