Re: query regarding httpd server [EXT]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

hi ,
    thanks for your email, 
         Is it possible the server is filtering xss attacks from browser to server request(with header= X-XSS-Protection: "1;  mode=block" ), if that then kindly  provide the steps for the same.

regards
Thejas


On Fri, 16 Jul 2021 at 12:50, James Smith <js5@xxxxxxxxxxxx> wrote:

You can add:

Header always set X-XSS-Protection "1;  mode=block"

which will help – but the rest you need to look at the way you code your pages.

Then you can look at
(1) defensive code
(2) Content-Security-Policy header
(3) Specific rules in Apache to mitigate attacks

Remembering that XSS is often a vector for other attacks.

 

From: Thejas Hl <thejashl013@xxxxxxxxx>
Sent: 16 July 2021 06:31
To: users@xxxxxxxxxxxxxxxx
Subject: query regarding httpd server [EXT]

 

Hello team,

            Is xss attack internally taken care by httpd apache server if yes kindly share the steps to activate for protection against such attack.

 

Thanks and regards

tej

 

-- The Wellcome Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE.
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux