Security Baseline Checklist
A practical minimum set of controls for modern public websites.
1. Enforce HTTPS everywhere and redirect all HTTP traffic.
2. Configure HSTS, CSP, and X-Content-Type-Options headers.
3. Validate SPF, DKIM, and DMARC alignment for your domain.
4. Monitor certificates, redirects, and mixed-content regressions.
5. Disable directory listing and remove server fingerprint leaks.
6. Re-scan critical pages after each deployment.
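
The following is an added example, not part of the original checklist: a small offline auditor that applies items 1, 2 and 5 to a recorded response, the kind of check that can be re-run after each deployment (item 6). The sample responses, the finding codes and the 180-day HSTS threshold are assumptions made for illustration.

```python
import re

# Constructed sample responses (not captured from any real site).
SAMPLE_HTTP = {"url": "http://example.test/", "status": 200,
               "headers": {"Server": "nginx/1.18.0", "X-Powered-By": "PHP/7.4"}}
SAMPLE_HTTPS = {"url": "https://example.test/", "status": 200,
                "headers": {
                    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
                    "Content-Security-Policy": "default-src 'self'",
                    "X-Content-Type-Options": "nosniff",
                    "Server": "nginx"}}

MIN_HSTS_AGE = 15552000  # assumed threshold: 180 days, in seconds


def audit_response(resp):
    """Return a sorted list of finding codes for one recorded response."""
    h = {k.lower(): v.strip() for k, v in resp["headers"].items()}
    findings = []
    if resp["url"].lower().startswith("http://"):
        # Item 1: plain HTTP must answer with a redirect to an https:// URL.
        loc = h.get("location", "")
        if not (300 <= resp["status"] < 400 and loc.lower().startswith("https://")):
            findings.append("no-https-redirect")
    else:
        # Item 2: browsers ignore HSTS over HTTP, so check it on HTTPS only.
        m = re.search(r'max-age\s*=\s*"?(\d+)', h.get("strict-transport-security", ""), re.I)
        if not m:
            findings.append("hsts-missing")
        elif int(m.group(1)) < MIN_HSTS_AGE:
            findings.append("hsts-short-max-age")
        if not h.get("content-security-policy"):
            findings.append("csp-missing")
        if h.get("x-content-type-options", "").lower() != "nosniff":
            findings.append("nosniff-missing")
    # Item 5: a version in Server, or any X-Powered-By, fingerprints the stack.
    if re.search(r"\d+\.\d+", h.get("server", "")):
        findings.append("server-version-leak")
    if "x-powered-by" in h:
        findings.append("x-powered-by-leak")
    return sorted(findings)


if __name__ == "__main__":
    for r in (SAMPLE_HTTP, SAMPLE_HTTPS):
        print(r["url"], audit_response(r) or "ok")
```

The check only confirms that a CSP header is present; whether the policy itself is restrictive enough needs a separate review.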