Web Server Security Http security headers scan

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 2 replies
Subscribers 4 subscribers
Views 2206 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Http security headers scan

Louis-M over 3 years ago

We had a recent pen test performed and one of the areas it showed as a risk was the lack of http security headers for our external IP.

We use web server protection and can't see any option in the UTM to enable these? eg

X-XXS-protection: doesn't exist
X=content-type-options: doesn't exist

Any ideas?

This thread was automatically locked due to age.

Parents

0 emmosophos over 3 years ago

Hello Louis,

Thank you for contacting the Sophos Community!

Please open a ticket with Sophos Support along with the results of the Pentest and provide me with the Case ID.

I found something about this about the XG but not for the UTM.

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 emmosophos over 3 years ago

Hello Louis,

Thank you for contacting the Sophos Community!

Please open a ticket with Sophos Support along with the results of the Pentest and provide me with the Case ID.

I found something about this about the XG but not for the UTM.

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data