Security Headers via Policy

Question

Hi folks,&nbsp;
Can any one help me out with the following: I am trying to setup policies on the F5 for the following headers. I am however not sure if the policy have been setup correctly. &nbsp;
X-Content-Type-Options: nosniff
&nbsp;
Content-Security-Policy: default-src
&nbsp;
X-XSS-Protection: 1 code=block 
&nbsp;
X-Frame-Options: deny 
&nbsp;
Strict-Transport-Security: max-age=31536000 includeSubDomains
&nbsp;

stanislas_piro2 · Answer

look at this code... &nbsp;
Pascal Keepers provided in comments his security headers configuration with policy.&nbsp;

Forum Discussion

Security Headers via Policy

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Rewrite uri translation not working

Related Content

Security headers

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

Security Policy not syncing between devices

Securing GraphQL with Advanced WAF declarative policies

Using ChatGPT for security and introduction of AI security