You are viewing limited content. For full access, please sign in.

Question

Question

Missing Security Headers Headers

Web Customizations Security Laserfiche How To
Updated March 8, 2022
asked on March 8, 2022

After running a report from https://securityheaders.com  on Laserfiche site documents.mydomain.com, the report indicates that there are several missing Headers. Below is a screenshot of the missing headers section from the report:

Can anyone please advise of what changes need to be made to correct the missing headers?

0 0

Replies

replied on March 8, 2022

Hi Courtney,

I'm happy to see you're checking these. Security headers are an important part of modern web security.

Clicking on each of the links from that https://securityheaders.com report should take you to a page describing how to set the relevant security header. IIS 10 has an option in the IIS Management Console GUI to set the HTTP Strict Transport Security (HSTS) header.

It's important to note that some Laserfiche web applications intentionally block IIS HTTP header inheritance from the site and server level in IIS, so you should set the security headers at the application level as well.

Cheers,
Sam

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...