Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Security Headers missing

Elizabeth Beck
Elizabeth Beck October 29, 2018

Our internal security audit has revealed that our confluence server is missing required security http headers:

HTTP 1.1 (non-HTTPS) - Required headers:

  • Content-Security-Policy
  • X-Content-Type-Options
  • Cache-Control

How do we go about fixing this on our instance?

If we are required to update our version of Confluence to fix this, will this affect our existing Confluence data?

 

 

Answer
Watch
Like Be the first to like this
470 views

1 answer

0 votes
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 30, 2018

Hi Elizabeth,

Would you be able to let us know what version of Confluence you're using?

Regards,

Shannon

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security