You are reading the documentation for version 2 of FoalTS. Instructions for upgrading to this version are available here. The old documentation can be found here.
To protect the application against some (!) common attacks, FoalTS sets by default various HTTP headers. These can be overrided in the
Note that this is not a silver bullet, it is just a little help.