Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 4 subscribers
  • Views 1536 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Http security headers scan

Louis-M

We had a recent pen test performed and one of the areas it showed as a risk was the lack of http security headers for our external IP.

We use web server protection and can't see any option in the UTM to enable these? eg

X-XXS-protection: doesn't exist
X=content-type-options: doesn't exist

Any ideas?



This thread was automatically locked due to age.
Parents
  • 0

    Hello Louis,

    Thank you for contacting the Sophos Community!

    Please open a ticket with Sophos Support along with the results of the Pentest and provide me with the Case ID.

    I found something about this about the XG but not for the UTM.

    Regards,

Reply
  • 0

    Hello Louis,

    Thank you for contacting the Sophos Community!

    Please open a ticket with Sophos Support along with the results of the Pentest and provide me with the Case ID.

    I found something about this about the XG but not for the UTM.

    Regards,

Children
No Data