Apache Security Against Cross-Site Scripting

Detection of Cross-Site Scripting in your Apache logs is your first defense. These bash shell scripts will help you find XSS instances on your site.

Security Headers - How to enable them to prevent attacks

Securing Apache Server Using ModSecurity OSWAF

What is Cross-Site Scripting? XSS Cheat Sheet

About cross-site scripting (XSS) attacks

Implementing Missing Security Headers in Apache Web Server

Defending against XSS with CSP

Damn Vulnerable Web App (DVWA): Lesson 9: Cross Site Scripting (XSS)

Security Code Review 101 — Protecting Against Cross-Site Scripting

SQL Injection, XSS, Cross Site Scripting in hourly.deploy.com, CWE

Cross-Site Scripting — Web-based Application Security, Part 3