Hi Laurent,
as you can see, I have tried the 1.3.x version already and got stucked in issues.
"Downloaded the listener-version 1.3.x from GitHub..."
Because of the problems mentioned above, I tried the other versions also...
Posts by bglaessn
-
-
Is this correct ?
HTML- # grep "X-Content-Type" /etc/* -R/etc/apache2/conf-enabled/security.conf:#Header set X-Content-Type-Options: "nosniff"/etc/apache2/conf-available/security.conf:#Header set X-Content-Type-Options: "nosniff"/etc/imscp/listeners.d/40_apache2_security_headers.pl: Header always set X-Content-Type-Options "nosniff"
Display MoreHTML- /var/www/imscp# grep "X-Content-Type" . -R
- ./gui/public/tools/pma/file_echo.php: header('X-Content-Type-Options: nosniff');
- ./gui/public/tools/pma/file_echo.php: header('X-Content-Type-Options: nosniff');
- ./gui/public/tools/pma/libraries/core.lib.php: header('X-Content-Type-Options: nosniff');
- ./gui/public/tools/pma/libraries/Header.php: 'X-Content-Type-Options: nosniff'
-
Update:
I have added some lines to the 40_apache2_security_headers.pl
Perl- ...package Listener::Apache2::Security::Headers;use iMSCP::EventManager;use iMSCP::TemplateParser;use strict;use warnings;my $filename = '/tmp/listener.txt';open(my $fh, '>', $filename) or die "Could not open file '$filename' $!";print $fh "Listener started.\n";close $fh;iMSCP::EventManager->getInstance()->register( 'beforeHttpdBuildConf',...
and restarted the installer.After this
So I guess, that everything is fine with the installation itself.
-
Update:
Have tried listener versions 1.4, 1.5 also... Nothing changed.
Listener version 1.6 give the following error while starting the installer:Shell-Script- [FATAL] iMSCP::EventManager::_init: "getBlocByRef" is not exported by the iMSCP::TemplateParser module
- "replaceBlocByRef" is not exported by the iMSCP::TemplateParser module
- Can't continue after import errors at /etc/imscp/listeners.d/40_apache2_security_headers.pl line 30.
- BEGIN failed--compilation aborted at /etc/imscp/listeners.d/40_apache2_security_headers.pl line 30, <$fh> line 370.
- Compilation failed in require at /root/Downloads/imscp-1.3.16/engine/PerlLib/iMSCP/EventManager.pm line 174, <$fh> line 370.
-
Hi,
For my i-mscp 1.3.6 I have done the follwing:
Downloaded the listener-version 1.3.x from GitHub (https://github.com/i-MSCP/imsc…ache2_security_headers.pl) and placed the file to /etc/imscp/listeners.d/40_apache2_security_headers.pl
After this, I triggered the installer with "perl imscp-autoinstall -d" and choosed "automatic".
The installer runs fine and completed successfully.But https://securityheaders.io still reports, that no security headers are active.
Restart of apache and php-5fpm didn´t solve the problem.
Display MoreTeX- # apache2ctl -M
- Loaded Modules:
- core_module (static)
- so_module (static)
- watchdog_module (static)
- http_module (static)
- log_config_module (static)
- logio_module (static)
- version_module (static)
- unixd_module (static)
- access_compat_module (shared)
- actions_module (shared)
- alias_module (shared)
- auth_basic_module (shared)
- authn_core_module (shared)
- authn_file_module (shared)
- authn_socache_module (shared)
- authz_core_module (shared)
- authz_groupfile_module (shared)
- authz_host_module (shared)
- authz_user_module (shared)
- autoindex_module (shared)
- cgid_module (shared)
- deflate_module (shared)
- dir_module (shared)
- env_module (shared)
- filter_module (shared)
- headers_module (shared) <---- active
- mime_module (shared)
- mpm_worker_module (shared)
- negotiation_module (shared)
- fastcgi_module (shared)
- proxy_module (shared)
- proxy_http_module (shared)
- rewrite_module (shared)
- setenvif_module (shared)
- socache_shmcb_module (shared)
- ssl_module (shared)
- status_module (shared)
- suexec_module (shared)
-
Hi,
is it possible to configure special/extended headers, f.e. X-Frame-options, content security policies, etc in i-mscp ?
Regards
Bjoern -
Hy,
I see... So there is no way to implement
TraceEnable Off
in i-mscp, also ??Regards
-
Pardon ?
Could you please be more specific ? -
Hi folks,
I am trying to disable HTTP OPTIONS for security reasons in i-MSCP 1.3.16 (Build: 20170107).
Short explanation:
If I drop a
Code- # curl -i -X OPTIONS http://139.1.x.xHTTP/1.1 200 OKDate: Fri, 05 May 2017 10:25:16 GMTServer: ApacheStrict-Transport-Security: max-age=31536000; includeSubDomainX-Frame-Options: sameoriginX-Content-Type-Options: nosniffAllow: GET,HEAD,POST,OPTIONSX-Frame-Options: sameoriginContent-Length: 0Content-Type: text/html
The "Allow" for OPTIONS should not be displayed.
So I added the following lines to /etc/apache2/imscp/mydomain.com.conf
and reloaded my Apache.
Additionally, I added a .htaccess with the same content in my document root.
Noting changed so far.
Any help would be appreciated. Thanx !
BG