I am using Apache server for Wamp application. While doing security testing, I got these error reports which says:
-
X-Frame-Options Header Not Set.
For this I know that there are 3 types of X-Frame Options. But where do I implement the SAMEORIGIN option and how? -
X-Content-Type-Options Header Missing.
What do I need to do to solve these?
Thank you.
2
Answers
Set the following headers:
Since you are using Apache, add the following to the apache config:
The above won’t do anything for a local test server. But, you should always set them in public production servers.
Remember: Even though it doesn’t do anything for local servers, you could develop your website with this environment, so that it doesn’t suffer when you release it on production.
Since you are using Apache, add the following to the apache config:
Works perfect!