Vulnerability HTTP Security Header Not Detected

I am getting the  6666 port vulnerability on Jira servers. 

Jira integrated with apache. 

QID is 11827 , Vulnerability title is  HTTP Security Header Not Detected,

 

Could you please help some one to help me here to resolve the issue

 

Regards

Sai 

 

1 answer

0 votes

This is an apache problem, not Jira. 

Check your apache configuration contains

Header always append X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff

I added the same in my Appache configuration and after scan again it is there with same error 

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 29, 2019 in Jira Software

Transforming Jira Software projects for general project management purposes

...It's true that there are projects in Jira; but they are merely a way to cut off issues, to tell them apart from other sections of work and to apply rules that are specific to that team (the schemes)....

205 views 0 6
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you