• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved How to add HTTP Security Header on port 80?

adocsys

adocsys

New Pleskian
Server operating system version
Almalinux 9.2
Plesk version and microupdate number
18.0.59
Hello,

Currently setting up a server to be PCI compliant and after multiple configuration adjustments, I only have one thing left to correct to have certification. I have set the HTTP Security Headers on all ports but I am not finding the port 80 configuration.

If I test the following, here are the results:

curl -sIL http://host.domain.ext:80
# Does not show any of the security headers, for example, x-content-type-options: nosniff

curl -sIL https://host.domain.ext:443
# Shows all my security headers, including x-content-type-options: nosniff

I have searched thru the files in /etc/sw-cp-server/ because it is Nginx that answers the call (I see header Server: nginx and netstat shows nginx process listening on port 80) but I am unable to find where I can add the directive.

The /etc/sw-cp-server/conf.d/plesk.conf file already contains the directives under the server tag and works fine for multiple ports but not port 80 sadly...

Has someone already done this or have a clue where the headers should be added?

Thanks a lot!
 
Oh! I think I finally found. I needed to go play a game of hockey to have my head to stop thinking.

I simply edited the /etc/nginx/nginx.conf file and added the directives in the http section. Now I see the new headers on port 80. Will re-launch PCI certification scan and let you guys know in the morning as it takes over an hour to complete the scan.

Mathieu.
 
adocsys said:
I simply edited the /etc/nginx/nginx.conf file and added the directives in the http section.
Click to expand...
Better remove it from there and instead create a separate configuration file in /etc/nginx/conf.d/ for it, because that will not be overwritten on the next update.
 
Hello Peter,

First, hurray, I passed PCI Scanning. It was easier than expected, I had already did a great job before the first scan it seems. I only had 4 things to fix and the 3 others I already knew how to fix them. Seems my experience over the years is paying off. :)

Yes, I figured that would happen (change to be overwritten by the next update) and will look into creating an additional conf file specifically for my modifications. Thanks for the reminder, it's appreciated. :D

Mathieu.
 
You must log in or register to reply here.

Similar threads

A
Question How to use Clear-Site-Data header rule to clear browser cache
Replies
2
Views
3K
AntoineW
A
s-light
Question NINGX CORS for multiple sub.domains
Replies
1
Views
605
s-light
s-light
E
Issue Firefox / OpaqueResponseBlocking
Replies
1
Views
12K
scsa20
scsa20
P
Resolved Nginx HTTP3 cause invalid redirect on WordPress
Replies
2
Views
3K
Paulo_o
P
P
Question How to forward port to flask server?
Replies
3
Views
484
prof
P
Back
Top