Crawford Software Works

Decorative site background artwork featuring Crawford Software Works branding. All key branding and page content is also provided as readable text on the page.

Home / Blog / Security Basics for Small Business Websites: Headers, CSRF and 2FA

Security Basics for Small Business Websites: Headers, CSRF and 2FA

A practical overview of the security controls we use to protect business sites and admin areas: secure headers, CSRF protection and two-factor authentication.

Share on LinkedIn Share on X Share on Facebook

Section content

Published 3 April 2026

Website security is not just for big companies. If your site has a contact form, admin login, or any user data, basic protection matters.

1) Security headers

Headers help reduce common attacks such as clickjacking and some script injection risks. We typically apply a clean, modern set of headers with sensible defaults.

2) CSRF protection

CSRF protection prevents a malicious page from tricking your browser into submitting actions on your behalf while you are logged in to an admin panel.

3) Two-factor authentication (2FA)

2FA adds a second check (usually via an authenticator app). Even if a password is leaked, the account is far harder to compromise.

Want a quick review?

If you want us to assess what you have today and recommend improvements, get in touch and we will suggest a practical next step.

Contact us Request a free review