: X-Frame-Options Enabling on GoDaddy I am currently developing a website which runs on a GoDaddy Windows with Plesk hosting option. I am doing this as an experimental/learning site so I am trying
I am currently developing a website which runs on a GoDaddy Windows with Plesk hosting option. I am doing this as an experimental/learning site so I am trying to be as security conscious as possible to get into the habit. I have since used OWASP Zed Attack Proxy (ZAP) to scan my site and it came up with a couple of vulnerabilities. The first and highest priority is that I don't have X-Frame-Options set. I am super new to this so I am wondering how to configure these to be sent as I understand they need to be sent from the server. I may need to set them in my client but as of yet I am uncertain. I am using Angular 4 to create a single-page application.
More posts by @Miguel251
1 Comments
Sorted by latest first Latest Oldest Best
You're running on Windows, which makes it likely that you're using IIS. Assuming this is the case, this post on StackOverflow has a discussion on how to set the X-Frame-Options header properly (https://stackoverflow.com/questions/25316781/x-frame-options-not-working-iis-web-config).
In short, it states that:
"An easy work around is to set the headers manually using:"
Response.AddHeader("X-Frame-Options", "DENY");
In the lesser likely case that you're running on Apache, you can find the information you need here: stackoverflow.com/questions/17092154/x-frame-options-on-apache
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.