Prevent Browser caching
Put this at the top of your theme template.php file:
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache");
Download and enable the SecKit module:
There are some nice default settings. We can review tweak these settings as part of a security review when we have more time.