Question additional header settings

RichardFM

New Pleskian
I made the following configuration in Plesk, to obtain the headers since I am using a platform called Securescorecard for the security of my system but it does not detect these changes that I made. What could be happening? I do not think it is a matter of restarting the server since doing this is very complex... it may be something else.
1722265720567.png
 
I'd recommend adding those headers (using the correct directives) as Additional directives to either Apache or Ngnix. More information can be found here:

For Apache
Apache config:
Header set X-Frame-Options DENY
Header set X-Content-Type-Options nosniff
Header set Content-Security-Policy "frame-ancestors 'none';"
Header set Referrer-Policy no-referrer

For nginx
NGINX:
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header Content-Security-Policy "frame-ancestors 'none';";
add_header Referrer-Policy no-referrer;
 
Back
Top