Security

99dev analytics provide unmatched cybersecurity protection while your visitors load and run the tracker and while your personal and traffic data sits on our servers.

TLS / HTTPS

All of our websites, apps, CDN, and API enforce strict TLS / HTTPS requirements. All request to unencrypted endpoints (ie http) are automatically redirected to their encrypted version.

Content Security Policies (CSP)

Content Security Policy (CSP) is a feature that helps to prevent or minimize the risk of certain types of security threats.

MDN Web Docs

Protect your visitors from Cross-Site Scripting (XSS), Data Exfiltration, and Clickjacking attacks.

Our tracking snippet and pixel are designed to support strict CSP headers for your visitors’ protection. Modify your existing CSP headers like this:

HTTP Headers 
Content-Security-Policy:
  script-src https://cdn.99.dev;
  img-src https://api.99.dev;

Subresource Integrity (SRI)

Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are delivered without unexpected manipulation. It works by allowing you to provide a cryptographic hash that a fetched resource must match.

MDN Web Docs

Protect your visitors from Supply-Chain / CDN Tampering and Man-in-the-Middle attacks.

Our CDN supports SRI hashes and strict versioning to minimize your visitors’ cybersecurity attack surface.

index.html 
<script
  src="https://cdn.99.dev/@0.2.1/analytics.js"
  integrity="sha384-N69fuo2/EkMkNe527AjfGVSBjkFJ9KC/A9+anZxBZw46AYFPjghjuYbaH5MGhBL4"
  crossorigin="anonymous"
  async
></script>
Previous
Privacy
Next
How It Works