Remediation Steps

Follow the steps below to remediate this finding on Joomla.

1. Edit the .htaccess file in the Joomla root directory and add:

   <IfModule mod_headers.c>
   Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
   </IfModule>

2. Alternatively, install the SecurityHeaders extension from the Joomla Extension Directory.