mirror of https://github.com/MISP/MISP
chg: Added some sane default headers to the apache .conf files
- protection against clickjacking - nosniff - as reported by Or Hanuka (PALANTIR)pull/2600/head
parent
f0020112d6
commit
11b7e8e808
|
@ -18,4 +18,6 @@
|
|||
ErrorLog /var/log/apache2/misp.local_error.log
|
||||
CustomLog /var/log/apache2/misp.local_access.log combined
|
||||
ServerSignature Off
|
||||
Header set X-Content-Type-Options nosniff
|
||||
Header set X-Frame-Options DENY
|
||||
</VirtualHost>
|
||||
|
|
|
@ -17,4 +17,6 @@
|
|||
ErrorLog /var/log/apache2/misp.local_error.log
|
||||
CustomLog /var/log/apache2/misp.local_access.log combined
|
||||
ServerSignature Off
|
||||
Header set X-Content-Type-Options nosniff
|
||||
Header set X-Frame-Options DENY
|
||||
</VirtualHost>
|
||||
|
|
|
@ -19,4 +19,6 @@
|
|||
ErrorLog /var/log/httpd/misp.local_error.log
|
||||
CustomLog /var/log/httpd/misp.local_access.log combined
|
||||
ServerSignature Off
|
||||
Header set X-Content-Type-Options nosniff
|
||||
Header set X-Frame-Options DENY
|
||||
</VirtualHost>
|
||||
|
|
|
@ -20,5 +20,7 @@
|
|||
LogLevel warn
|
||||
ErrorLog /var/log/httpd/misp.local_error.log
|
||||
CustomLog /var/log/httpd/misp.local_access.log combined
|
||||
ServerSignature Off
|
||||
ServerSignature Off
|
||||
Header set X-Content-Type-Options nosniff
|
||||
Header set X-Frame-Options DENY
|
||||
</VirtualHost>
|
||||
|
|
|
@ -13,4 +13,6 @@
|
|||
ErrorLog /var/log/apache2/misp.local_error.log
|
||||
CustomLog /var/log/apache2/misp.local_access.log combined
|
||||
ServerSignature Off
|
||||
Header set X-Content-Type-Options nosniff
|
||||
Header set X-Frame-Options DENY
|
||||
</VirtualHost>
|
||||
|
|
Loading…
Reference in New Issue