Vulnerability HTTP Security Header Not Detected

I am getting the  6666 port vulnerability on Jira servers. 

Jira integrated with apache. 

QID is 11827 , Vulnerability title is  HTTP Security Header Not Detected,

 

Could you please help some one to help me here to resolve the issue

 

Regards

Sai 

 

1 answer

This widget could not be displayed.

This is an apache problem, not Jira. 

Check your apache configuration contains

Header always append X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff

I added the same in my Appache configuration and after scan again it is there with same error 

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Apr 22, 2018 in Jira Software

How-to setup a secured Jira Software 7.9.0 on Ubuntu 16.04.4 in less than 30 minutes

...PermissionsStartOnly=true User=www-data Group=www-data ExecStart=/opt/jira/bin/startup.sh ExecStop=/opt/jira/bin/shutdown.sh TimeoutStartSec=120 TimeoutStopSec=600 PrivateTmp=true [Install] WantedBy...

1,470 views 10 12
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you