This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Http security headers scan

We had a recent pen test performed and one of the areas it showed as a risk was the lack of http security headers for our external IP.

We use web server protection and can't see any option in the UTM to enable these? eg

X-XXS-protection: doesn't exist
X=content-type-options: doesn't exist

Any ideas?



This thread was automatically locked due to age.
Parents Reply Children
No Data