Where do I add Header X frame options and switch on NET_SMTP?

Sunlander

Well-Known Member
May 7, 2018
65
4
8
UK
cPanel Access Level
Root Administrator
Hi,
I need to add a few things to my server settings, but unsure where they go and what it should contain.

Basically I have to set values for these:

Header: X-Frame-Options SAMEORIGIN
Header: X-XSS-Protection 1; mode=block
Header: X-Content-Type-Options nosniff
Header: X-Robots-Tag none
Header: X-Permitted-Cross-Domain-Policies none
Header: Referrer-Policy same-origin
Header: Expect-CT enforce; max-age=3600
Header: Strict-Transport-Security max-age=31536000; includeSubDomains; preload

And also this:
mysql.connect_timeout

And I have to enable these but I don't know where to find them:

Net_SMTP
Net_IDNA
Mail_mime

If someone could point me in the right direction it would be most appreciated. I am not sure how to add the headers as I am guessing I can't just paste what I have entered above?

Kind regards
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,291
313
Houston
Basically I have to set values for these:

Header: X-Frame-Options SAMEORIGIN
Header: X-XSS-Protection 1; mode=block
Header: X-Content-Type-Options nosniff
Header: X-Robots-Tag none
Header: X-Permitted-Cross-Domain-Policies none
Header: Referrer-Policy same-origin
Header: Expect-CT enforce; max-age=3600
Header: Strict-Transport-Security max-age=31536000; includeSubDomains; preload
These can be set in .htaccess or in VirtualHost includes. The apache documentation on this can be found here mod_headers - Apache HTTP Server Version 2.4

And also this:
mysql.connect_timeout
This is set in the php.ini file for the domain or the version of PHP you're using if you'd like it to be global

Net_SMTP
Net_IDNA
Mail_mime
These are perl modules and can be installed using the following:

Code:
/scripts/perlinstaller Net::SMTP
/scripts/perlinstaller Net::IDNA
/scripts/perlinstaller Mail::mime
 

Sunlander

Well-Known Member
May 7, 2018
65
4
8
UK
cPanel Access Level
Root Administrator
Hi CpanelLauren,

thank you for responding. I have just tried to install using the scripts above but I get the following error message after trying the second and 3rd lines:

All available perl module install methods have failed

This line seemed to install things:

/scripts/perlinstaller Net::SMTP


But these 2 didn't work:

/scripts/perlinstaller Net::IDNA
/scripts/perlinstaller Mail::mime

How would I know for sure that the first one installed?

Thanks for sending the the links about htaccess, I shall go read
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,291
313
Houston
Hi @Sunlander

The modules install to /usr/share/perl5 and the Net::SMTP module you should see at /usr/share/perl5/Net/SMTP

For the ones that failed to install is there more to the error message? While Net::SMTP is a perl module it's also a PHP extension and I'm not finding anything related for the others as perl modules. All of these modules are also PHP Extensions and can be installed at WHM>>Software>>Module Installers -> PHP Extensions and Applications Package
 

Sunlander

Well-Known Member
May 7, 2018
65
4
8
UK
cPanel Access Level
Root Administrator
Hi,
thanks again for your help.
It is much easier to do via WHM :). I have now managed to install them. When I tried to do the second one by searching for
Net_IDNA2 it failed with the following error message:
Failed to download pear/Net_IDNA2 within preferred state "stable", latest release is version 0.2.0, stability "beta", use "channel://pear.php.net/Net_IDNA2-0.2.0" to install
install failed

So I then added this in the install box below the search box:

//pear.php.net/Net_IDNA2-0.2.0

and then it installed.

Now I just have the Headers to do, but I am a little confused as to what I actually put. I added this in the Virtual Host but it had no effect:
Header always set X-Frame-Options SAMEORIGIN

I don't know what the correct syntax is for all of these, and whether it is OK to just add it as a line of text like that?
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,291
313
Houston
Hi @Sunlander

They can be added like that but which VirtualHost include did you choose? What is the context of where you got these because how they're added depends on what you're trying to do with them.

Thanks!
 

Sunlander

Well-Known Member
May 7, 2018
65
4
8
UK
cPanel Access Level
Root Administrator
Hi,

I followed the advice in this thread as thought it would be the same place to add the headers?:

Editing http.conf and my.cnf - where are the correct files?

The instructions where:

For httpd.conf you can try this this below in WHM
  • Home »
  • Service Configuration »
  • Apache Configuration »
  • Include Editor
Then Select All Versions under Pre VirtualHost Include

Enter what you need to put in and click on Update.
 

Sunlander

Well-Known Member
May 7, 2018
65
4
8
UK
cPanel Access Level
Root Administrator
I found this which says to put it in the http.conf file - is this the file under Pre VirtualHost Include:

#this can also be done in a .htaccess file depending on your server set determines where you decide to set it
Header unset Content-Security-Policy
#Add the entire CSP key value pairs that you want below is just default-src
Header add Content-Security-Policy "default-src 'self'"
#This opens support to older browsers that support X-Content-Security-Policy but not Content-Security-Policy
Header unset X-Content-Security-Policy
Header add X-Content-Security-Policy "default-src 'self'"
#This opens support to older browsers that support X-WebKit-CSP but not Content-Security-Policy
Header unset X-WebKit-CSP
Header add X-WebKit-CSP "default-src 'self'"

#These headers are also helpful in increasing security
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options "DENY"
Header set Strict-Transport-Security "max-age=631138519; includeSubDomains"

And would it set all the headers correctly?
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,291
313
Houston