• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Question additional header settings

R

RichardFM

New Pleskian
I made the following configuration in Plesk, to obtain the headers since I am using a platform called Securescorecard for the security of my system but it does not detect these changes that I made. What could be happening? I do not think it is a matter of restarting the server since doing this is very complex... it may be something else.
1722265720567.png
 
I'd recommend adding those headers (using the correct directives) as Additional directives to either Apache or Ngnix. More information can be found here:

For Apache
Apache config: 
Header set X-Frame-Options DENY
Header set X-Content-Type-Options nosniff
Header set Content-Security-Policy "frame-ancestors 'none';"
Header set Referrer-Policy no-referrer

For nginx
NGINX: 
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header Content-Security-Policy "frame-ancestors 'none';";
add_header Referrer-Policy no-referrer;
 
You must log in or register to reply here.

Similar threads

Y
Question Issue Implementing Dynamic CORS Headers in Plesk’s Additional NGINX Directives
Replies
1
Views
995
yfain
Y
M
Question NameServer settings for domains and Webspaces?
Replies
4
Views
1K
MimiWeb
M
S
Question Issue with Multilingual SvelteKit Website on Plesk: Nginx Proxy to Apache Configuration
Replies
0
Views
1K
st3v3y
S
zoldos
Issue Cannot get OpenDKIM to run on Ubuntu 20.04, keep getting socket error!
Replies
5
Views
4K
zoldos
zoldos
Lrnt
Question Proxy/Secured HTTP & WS requests to avoid CORS
Replies
1
Views
1K
Lrnt
Lrnt
Back
Top