How to configure security headers on WebSphere 9.0.5.13?

answered 2022-04-28 09:00:00 +0000

ladyg
21 ●1 ●2

Configuring security headers on WebSphere 9.0.5.13 involves the following steps:

Open the WebSphere admin console and navigate to the Security section.
Click on the Secure socket layer (SSL) option.
Select the appropriate SSL configuration and click on the Edit button.
Expand the Additional Properties option and click on Custom properties.
Click on Add and enter the following properties and their values: a. com.ibm.ws.webcontainer.enableTransparentContentProtection=true b. com.ibm.ws.webcontainer.security.FilterXSS=true c. com.ibm.ws.webcontainer.security.FilterDisableJS=true d. com.ibm.ws.webcontainer.security.FilterScanUploadFiles=true e. com.ibm.ws.webcontainer.security.FilterEncoding=true

Note: These properties enable content protection, XSS filter, disable JS execution, scan uploaded files, and encoding.
Save the changes and restart the server.

Once the server is restarted, it will apply these security headers to all incoming requests. You can verify this by checking the headers using a browser extension or a command-line tool such as cURL.

edit flag offensive delete link

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss

Add Answer

How to configure security headers on WebSphere 9.0.5.13?

1 Answer

Your Answer

Question Tools

Stats

Related questions

How to configure security headers on WebSphere 9.0.5.13? edit

1 Answer