The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Webmail missing security headers

Discussion in 'E-mail Discussions' started by lautrivta, Mar 29, 2017.

Tags:
  1. lautrivta

    lautrivta Member

    Joined:
    Oct 25, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Vienna, AT
    cPanel Access Level:
    Reseller Owner
    Hi,

    cPanels default webmail installation is missing important security headers:
    • Strict-Transport-Security
    • Content-Security-Policy
    • Public-Key-Pins
    • X-Frame-Options
    • X-XSS-Protection
    • X-Content-Type-Options
    • Referrer-Policy
    With no possibility to add or modify the headers.
     

    Attached Files:

  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    This is not yet supported, but I encourage you to vote and add feedback to the existing feature request at:

    Add X-Frame-Options Cpanel Ports

    We'll also provide updates on the status of this feature's implementation on the above URL as they become available.

    Thank you.
     
Loading...

Share This Page