# Content Security Policy (CSP) Settings

We’ve introduced a new setting to help you manage your Content Security Policy (CSP). You can find the configuration in `aquaWebNG.config` under the parameter `AquaContentSecurityPolicyMode`.

You have three options to choose from:

* **Off**: Disables CSP enforcement.
* **ReportOnly**: CSP violations will be reported without enforcing any restrictions.
* **Enforce**: Fully enforces the CSP, blocking any violations.

Choose the mode that best suits your security needs when installing new aqua version.