Category: Security

Status pages on the Plus plan support custom HTTP response headers. Add cross-origin resource sharing (CORS), security, and custom headers to HTTP responses returned by your status page. You can insert any of the following security headers: HTTP Strict Transport Security (HSTS), X-XSS-Protection, X-Content-Type-Options, X-Frame-Options, Referrer-Policy and Content-Security-Policy. You can also add customizable key-value pairs […]

Exportable audit log of status page changes Export Audit Trail Navigate to the Teams page in the Status.io Dashboard Click the Export Audit Log button A CSV file will be exported containing a log of all changes made to the status page. Example audit log: Note: The audit trail is available for status pages on […]

Limit your status page visibility to specific networks by enabling IP Access Control. Get started by uploading a pre-defined range of IP addresses that you would like to grant access to. This setting is available in the Dashboard from the Settings/Private Mode tab. Once activated, any viewers originating from IP addresses not in your list […]

We know your data is extremely important to you and your business, and we’re very protective of it. System security System installation using hardened, patched OS. Dedicated firewall and VPN services to help block unauthorized system access. Operational security Our primary data center operations are powered by Amazon Web Services (AWS’ ISO 27001 certification, AWS’ […]

Enable YubiKey multi-factor authentication (MFA) to increase the security of your status page by protecting from phishing, brute-force attacks and stolen credentials. Connect a YubiKey to your account: Obtain a YubiKey device. They are available for purchase directly from the Yubico Store. Navigate to the Account page in the Status.io Dashboard. Enter your OTP generated by the […]

Status Pages with TLS/SSL Every status page comes with SSL termination when using a subdomain at status.io. For example: https://yourname.status.io would be encrypted using the *.status.io wildcard certificate. If you’d prefer to implement SSL using your own domain, you will have to prepare and upload your certificate. Optionally, you can use a dedicated certificate generated […]