Vulnerability HTTP Security Header Not Detected

I am getting the 6666 port vulnerability on Jira servers.

Jira integrated with apache.

QID is 11827 , Vulnerability title is HTTP Security Header Not Detected,

Could you please help some one to help me here to resolve the issue

Regards

Sai

1 answer

0 votes

This is an apache problem, not Jira.

Check your apache configuration contains

Header always append X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

I added the same in my Appache configuration and after scan again it is there with same error

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.