httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gradus Kooistra <>
Subject [users@httpd] Missing headers on 403 pages
Date Wed, 09 May 2018 07:18:02 GMT
Dear Sir/Madam,

We setup apache to set headers, like the X-Frame-Options.
But this doesn’t work for the 403 pages, only the Strict-Transport-Security works. On non-error
pages, the headers are showing correctly in the browser/security scans

The headers are set to the virtual hosts and later also to the global apache configuration,
without any luck.

The problem is that some security scans show warnings to the customers and the think the sites
are unsafe.

Is it possible to set the headers, so 403 pages are also delivering this to the browsers?

Met vriendelijke groet, 
G. Kooistra 

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message