Security Headers, ISP, no root won't work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi!

I want to enable some security headers. I don't have access to my =
vhosts, and not to the apache config, so I used my .htaccess.

	<ifModule mod_headers.c>
		Header set X-Frame-Options SAMEORIGIN
		Header set X-XSS-Protection "1; mode=3Dblock"
		Header set X-Content-Type-Options "nosniff"
		Header always set Referrer-Policy "no-referrer"
		Header set Content-Security-Policy "default-src 'self' ; =
referrer no-referrer ;"
		Header unset X-Powered-By
	</IfModule>

According to my ISP there are the following directives:

	apache2.config:	AllowOverride none
	vhosts			AllowOverride All

None of the above security headers are working. Any tips?

Thank you!
hc

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux