Tu Chu Posted January 28, 2019 Share Posted January 28, 2019 HI, I am working with some tool to scan security for my Prestashop web. I found some basic issue example: Web Server: Missing X-Content-Type-Options Header Web Server: Missing X-Frame-Options Web Server: Missing X-XSS-Protection Header Web Server: Missing Strict Transport Security Header To prevent it, we sample implements some line, detail: https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet (for Clickjacking issue) Why PrestaShop doesn't implement that, or have any module do that? Web Server: Missing Strict Transport Security Header Link to comment Share on other sites More sharing options...
MathiasReker Posted June 29, 2019 Share Posted June 29, 2019 I have developed a module to fix all those security warnings: https://addons.prestashop.com/en/website-security-access/44413-security-pro.html Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now