Check if your webpage is vulnerable to MIME-type sniffing

Test your website for X-Content-Type-Options header

Netsparker Web Application Security Scanner - the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

What is X-Content-Type-Options Header?

X-Content-Type-Options header secure MIME (Multipurpose Internet Mail Extensions) types to prevent someone misusing the website resources and stealing the content.

How to implement Content-Type-Options?

You can configure your web server like Apache HTTP, IBM HTTP, Nginx, Shared hosting by following this guide.

Alternatively, you can enable at network edge if using SUCURI.

Once you are done with the configuration, use this tool to verify if X-Content-Type-Options header is implemented.