Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2024-03-29, 07:41:59

Author Topic: how to Setting up emit NoSniff, X-Frame and X-XSS-Protection headers  (Read 6092 times)

0 Members and 1 Guest are viewing this topic.

Offline cmdman

  • Senior Member
  • *
  • Posts: 298
  • Karma: +1/-0
    • View Profile
hi mr

how to Setting up emit NoSniff, X-Frame and X-XSS-Protection headers for apache and nginx for Kloxop-MR panel..


Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
Try hiawatha-proxy.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline cmdman

  • Senior Member
  • *
  • Posts: 298
  • Karma: +1/-0
    • View Profile
why cont for apache and nginx i saw your mr forum header its implemented with apache  so help me on this for apache and nginx

Offline cmdman

  • Senior Member
  • *
  • Posts: 298
  • Karma: +1/-0
    • View Profile
ok i added this under ht access,

<IfModule mod_headers.c>
    Header unset ETag
    Header set X-Frame-Options: deny
    Header set X-XSS-Protection: "1; mode=block"
    Header set X-Content-Type-Options: nosniff
    Header set X-WebKit-CSP: "default-src 'self'"
    Header set X-Permitted-Cross-Domain-Policies: "master-only"
</IfModule>

now it shows
i tested the header
https://securityheaders.com/test-http-headers.php
 

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
why cont for apache and nginx i saw your mr forum header its implemented with apache  so help me on this for apache and nginx
No server for this forum using hiawatha-proxy. The problem is, in proxy, hiawatha show apache instead their name in 'server headers'.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

 


MRatWork Affiliates:    BIGRAF(R) Inc.    House of LMAR    EFARgrafix

Page created in 0.029 seconds with 18 queries.

web stats analysis