Has the overal server security situation, especially seen to server security header implementation, improved since 5 years ago:
http://projects.webappsec.org/w/page/13246959/Server%20Misconfiguration
Personally from what I see on the Internet I do not think so.
Just look here: https://forum.avast.com/index.php?topic=173228.0

polonus