Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Plesk.

  1. Log in to the Plesk control panel.

  2. Navigate to Domains > your domain > Apache & nginx Settings.

  3. Under "Additional nginx directives", add:

    add_header Content-Security-Policy "default-src 'self'; script-src 'self'; object-src 'none';" always;

  4. Click Apply.

Back to top