Search Results

Follow the steps below to remediate this finding on Microsoft IIS webserver. Start the application named: IIS Manager.Select your websiteOn the right part of the screen, access the option named: HTTP Response Headers.On the top right part of the screen, click ...

Follow the steps below to remediate this finding on Nginx webserver. In your nginx.conf file add:add-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";

Follow the steps below to remediate this finding on Apache webserver. Make sure that the headers module is loaded:sudo a2enmod headersAdd the following code to the apache2.conf file:<IfModule mod_headers.c>        Header always set Strict-Transport-Security "m...

Follow the steps below to remediate this finding on Microsoft IIS webserver. Start the application named: IIS Manager.Select your websiteOn the right part of the screen, access the option named: HTTP Response Headers.On the top right part of the screen, click ...

Follow the steps below to remediate this finding on Nginx webserver. In your nginx.conf file add:add-header X-Frame-Options "SAMEORIGIN";

Follow the steps below to remediate this finding on Apache webserver. Make sure that the headers module is loaded:sudo a2enmod headersAdd the following code to the apache2.conf file:<IfModule mod_headers.c>        Header always set X-Frame-Options "SAMEORIGIN"...

Follow the steps below to remediate this finding on Microsoft IIS webserver. Start the application named: IIS Manager.Select your websiteOn the right part of the screen, access the option named: HTTP Response Headers.On the top right part of the screen, click ...

Follow the steps below to remediate this finding on Nginx webserver. In your nginx.conf file add:add-header X-Content-Type-Options "nosniff";

Follow the steps below to remediate this finding on Apache webserver. Make sure that the headers module is loaded:sudo a2enmod headersAdd the following code to the apache2.conf file:<IfModule mod_headers.c>        Header always set X-Content-Type-Options "nosn...

Follow the steps below to remediate this finding on Plesk. Log in to the Plesk control panel.Navigate to Domains > your domain > Apache & nginx Settings.Under "Additional nginx directives", add:add_header Strict-Transport-Security "max-age=31536000; includeSub...

Follow the steps below to remediate this finding on Drupal. Install and enable the Security Kit (SecKit) module:composer require drupal/seckit drush en seckitNavigate to Admin > Configuration > System > Security Kit.Under the "HTTP Strict Transport Security" s...

Follow the steps below to remediate this finding on WordPress. Add the following to your theme's functions.php file or a custom plugin:add_action('send_headers', function() { header('Strict-Transport-Security: max-age=31536000; includeSubDomains; preload'); })...

Follow the steps below to remediate this finding on Joomla. Edit the .htaccess file in the Joomla root directory and add:<IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" </IfModule>Alternativel...

Follow the steps below to remediate this finding on Plesk. Log in to the Plesk control panel.Navigate to Domains > your domain > Apache & nginx Settings.Under "Additional nginx directives", add:add_header X-Frame-Options "SAMEORIGIN" always;Alternatively, unde...

Follow the steps below to remediate this finding on WordPress. Add the following to your theme's functions.php file or a custom plugin:add_action('send_headers', function() { header('X-Frame-Options: SAMEORIGIN'); });Alternatively, if using Apache, add to the ...

Follow the steps below to remediate this finding on Joomla. Edit the .htaccess file in the Joomla root directory and add:<IfModule mod_headers.c> Header always set X-Frame-Options "SAMEORIGIN" </IfModule>Alternatively, install the SecurityHeaders extension fro...

Follow the steps below to remediate this finding on Drupal. Install and enable the Security Kit (SecKit) module:composer require drupal/seckit drush en seckitNavigate to Admin > Configuration > System > Security Kit.Under the "Clickjacking" section, enable X-F...

Follow the steps below to remediate this finding on Plesk. Log in to the Plesk control panel.Navigate to Domains > your domain > Apache & nginx Settings.Under "Additional nginx directives", add:add_header X-Content-Type-Options "nosniff" always;Alternatively, ...

Follow the steps below to remediate this finding on WordPress. Add the following to your theme's functions.php file or a custom plugin:add_action('send_headers', function() { header('X-Content-Type-Options: nosniff'); });Alternatively, if using Apache, add to ...

Follow the steps below to remediate this finding on Joomla. Edit the .htaccess file in the Joomla root directory and add:<IfModule mod_headers.c> Header always set X-Content-Type-Options "nosniff" </IfModule>Alternatively, install the SecurityHeaders extension...