Vulnerability HTTP Security Header Not Detected

I am getting the  6666 port vulnerability on Jira servers. 

Jira integrated with apache. 

QID is 11827 , Vulnerability title is  HTTP Security Header Not Detected,

 

Could you please help some one to help me here to resolve the issue

 

Regards

Sai 

 

1 answer

0 vote

This is an apache problem, not Jira. 

Check your apache configuration contains

Header always append X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff

I added the same in my Appache configuration and after scan again it is there with same error 

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published May 21, 2018 in Jira Software

How large do you think Jira Software can grow?

Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...

1,208 views 10 18
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you