Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
CentOS-WebPanel Bugs / Re: CWP server lacking basic security headers / CSP
« on: April 23, 2018, 05:56:04 AM »
Hi my CWP server is using standard basic security headers (that only I need). Simply you can paste into your httpd.conf file.
Backup httpd.conf
Adding some syntax
Just add these additional lines at the end of lines of your httpd.conf and restart apache to take effects.
You can test and see if those lines is working for you.
Backup httpd.conf
Code: [Select]
cp -p /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf_bakAdding some syntax
Code: [Select]
vi /usr/local/apache/conf/httpd.confJust add these additional lines at the end of lines of your httpd.conf and restart apache to take effects.
Code: [Select]
ServerTokens Prod
ServerSignature Off
FileETag None
Header always append X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
Timeout 90
LoadModule headers_module modules/mod_headers.so
Header set X-Content-Type-Options nosniff
Header set Content-Security-Policy "default-src 'self';"You can test and see if those lines is working for you.
Pages: [1]
