Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

answered 2022-04-28 09:00:00 +0000

ladyg gravatar image

Configuring security headers on WebSphere 9.0.5.13 involves the following steps:

  1. Open the WebSphere admin console and navigate to the Security section.
  2. Click on the Secure socket layer (SSL) option.
  3. Select the appropriate SSL configuration and click on the Edit button.
  4. Expand the Additional Properties option and click on Custom properties.

  5. Click on Add and enter the following properties and their values: a. com.ibm.ws.webcontainer.enableTransparentContentProtection=true b. com.ibm.ws.webcontainer.security.FilterXSS=true c. com.ibm.ws.webcontainer.security.FilterDisableJS=true d. com.ibm.ws.webcontainer.security.FilterScanUploadFiles=true e. com.ibm.ws.webcontainer.security.FilterEncoding=true

    Note: These properties enable content protection, XSS filter, disable JS execution, scan uploaded files, and encoding.

  6. Save the changes and restart the server.

Once the server is restarted, it will apply these security headers to all incoming requests. You can verify this by checking the headers using a browser extension or a command-line tool such as cURL.


Copyright QStack.ai, 2010-2023. Content on this site is licensed under the Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service | contact