Status pages on the Plus plan support custom HTTP response headers. Add cross-origin resource sharing (CORS), security, and custom headers to HTTP responses returned by your status page. The following security headers are supported: HTTP Strict Transport Security (HSTS), X-XSS-Protection, X-Content-Type-Options, X-Frame-Options, Referrer-Policy and Content-Security-Policy. You can also add customizable key-value pairs to response headers. […]
Category: Security
Audit Trail
Exportable audit log of status page changes Export Audit Trail Navigate to the Teams page in the Status.io Dashboard Click the Export Audit Log button A CSV file will be exported containing a log of all changes made to the status page. Example audit log: Note: The audit trail is available for status pages on […]
Security Policy
We know your data is extremely important to you and your business, and we’re very protective of it. System security System installation using hardened, patched OS. Dedicated firewall and VPN services to help block unauthorized system access. Operational security Our primary data center operations are powered by Amazon Web Services (AWS’ ISO 27001 certification, AWS’ […]
YubiKey Multi-Factor Authentication
Enable YubiKey multi-factor authentication (MFA) to increase the security of your status page by protecting from phishing, brute-force attacks and stolen credentials. Connect a YubiKey to your account: Obtain a YubiKey device. They are available for purchase directly from the Yubico Store. Navigate to the Account page in the Status.io Dashboard. Enter your OTP generated by the […]
SSL Certificates
Status Pages with TLS/SSL Every status page comes with SSL termination when using a subdomain at status.io. For example: https://yourname.status.io would be encrypted using the *.status.io wildcard certificate. If you’d prefer to implement SSL using your own domain, you will have to prepare and upload your certificate. Optionally, you can use a dedicated certificate generated […]