Product Improvements: Flexible
Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!
1 result found
-
Allow us to be able to implement additional security headers.
I'd like to have the abiity to implement the following headers on NginX and Apache so I can convince my clients they can pass Header Security Test in conjunction with PCI/DSS. The following are recommendations.
NginX Headers
addheader X-Frame-Options "SAMEORIGIN" always;
addheader X-Xss-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;Apache Headers
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-Xss-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"Referrer-Policy: strict-origin-when-cross-origin
28 votes
- Don't see your idea?