Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Where do I add Header X frame options and switch on NET_SMTP?

Discussion in 'EasyApache' started by Sunlander, May 9, 2018.

  1. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    29
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi,
    I need to add a few things to my server settings, but unsure where they go and what it should contain.

    Basically I have to set values for these:

    Header: X-Frame-Options SAMEORIGIN
    Header: X-XSS-Protection 1; mode=block
    Header: X-Content-Type-Options nosniff
    Header: X-Robots-Tag none
    Header: X-Permitted-Cross-Domain-Policies none
    Header: Referrer-Policy same-origin
    Header: Expect-CT enforce; max-age=3600
    Header: Strict-Transport-Security max-age=31536000; includeSubDomains; preload

    And also this:
    mysql.connect_timeout

    And I have to enable these but I don't know where to find them:

    Net_SMTP
    Net_IDNA
    Mail_mime

    If someone could point me in the right direction it would be most appreciated. I am not sure how to add the headers as I am guessing I can't just paste what I have entered above?

    Kind regards
     
  2. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,851
    Likes Received:
    135
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    These can be set in .htaccess or in VirtualHost includes. The apache documentation on this can be found here mod_headers - Apache HTTP Server Version 2.4

    This is set in the php.ini file for the domain or the version of PHP you're using if you'd like it to be global

    These are perl modules and can be installed using the following:

    Code:
    /scripts/perlinstaller Net::SMTP
    /scripts/perlinstaller Net::IDNA
    /scripts/perlinstaller Mail::mime
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    29
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi CpanelLauren,

    thank you for responding. I have just tried to install using the scripts above but I get the following error message after trying the second and 3rd lines:

    All available perl module install methods have failed

    This line seemed to install things:

    /scripts/perlinstaller Net::SMTP


    But these 2 didn't work:

    /scripts/perlinstaller Net::IDNA
    /scripts/perlinstaller Mail::mime

    How would I know for sure that the first one installed?

    Thanks for sending the the links about htaccess, I shall go read
     
  4. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,851
    Likes Received:
    135
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Sunlander

    The modules install to /usr/share/perl5 and the Net::SMTP module you should see at /usr/share/perl5/Net/SMTP

    For the ones that failed to install is there more to the error message? While Net::SMTP is a perl module it's also a PHP extension and I'm not finding anything related for the others as perl modules. All of these modules are also PHP Extensions and can be installed at WHM>>Software>>Module Installers -> PHP Extensions and Applications Package
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    29
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi,
    thanks again for your help.
    It is much easier to do via WHM :). I have now managed to install them. When I tried to do the second one by searching for
    Net_IDNA2 it failed with the following error message:
    Failed to download pear/Net_IDNA2 within preferred state "stable", latest release is version 0.2.0, stability "beta", use "channel://pear.php.net/Net_IDNA2-0.2.0" to install
    install failed

    So I then added this in the install box below the search box:

    //pear.php.net/Net_IDNA2-0.2.0

    and then it installed.

    Now I just have the Headers to do, but I am a little confused as to what I actually put. I added this in the Virtual Host but it had no effect:
    Header always set X-Frame-Options SAMEORIGIN

    I don't know what the correct syntax is for all of these, and whether it is OK to just add it as a line of text like that?
     
  6. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,851
    Likes Received:
    135
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Sunlander

    They can be added like that but which VirtualHost include did you choose? What is the context of where you got these because how they're added depends on what you're trying to do with them.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    29
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi,

    I followed the advice in this thread as thought it would be the same place to add the headers?:

    Editing http.conf and my.cnf - where are the correct files?

    The instructions where:

    For httpd.conf you can try this this below in WHM
    • Home »
    • Service Configuration »
    • Apache Configuration »
    • Include Editor
    Then Select All Versions under Pre VirtualHost Include

    Enter what you need to put in and click on Update.
     
  8. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    29
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I found this which says to put it in the http.conf file - is this the file under Pre VirtualHost Include:

    #this can also be done in a .htaccess file depending on your server set determines where you decide to set it
    Header unset Content-Security-Policy
    #Add the entire CSP key value pairs that you want below is just default-src
    Header add Content-Security-Policy "default-src 'self'"
    #This opens support to older browsers that support X-Content-Security-Policy but not Content-Security-Policy
    Header unset X-Content-Security-Policy
    Header add X-Content-Security-Policy "default-src 'self'"
    #This opens support to older browsers that support X-WebKit-CSP but not Content-Security-Policy
    Header unset X-WebKit-CSP
    Header add X-WebKit-CSP "default-src 'self'"

    #These headers are also helpful in increasing security
    Header set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Frame-Options "DENY"
    Header set Strict-Transport-Security "max-age=631138519; includeSubDomains"

    And would it set all the headers correctly?
     
  9. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,851
    Likes Received:
    135
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice