Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    How do I set headers ?

    Cache/Proxy
    2
    7
    131
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Actionhenk last edited by

      Hi,
      I have ran a few testers on the web and the tests are reporting im missing a few headers and need them to improve security.

      I tried adding headers using an action on the main ha frontend like below

      498a5e54-6fa3-40c8-b2ac-cf0d87a3736b-image.png

      After applying settings Im getting an error about the option needing exactly 2 arguments .. How should I set such headers and where ? Straight in the config (wouldnt this be overwritten by ha-proxy ?)?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate last edited by

        You probably want to set http response headers, not request headers.

        1 Reply Last reply Reply Quote 0
        • A
          Actionhenk last edited by

          allright thanks, I will change it to request. So this is the correct place/way to put in the headers ? How would I configure this header:

          Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
          

          The value contains spaces, so haproxy interface on pfsense wont accept it. I get the error it needs 2 arguments ?

          Thanks!

          1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate last edited by Derelict

            Something like this.

            Screen Shot 2019-10-07 at 11.34.25 AM.png

            All I did was enclose everything in double quotes. Ended up with this:

            http-response set-header Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'"  if  yourAcl
            

            I didn't test it.

            1 Reply Last reply Reply Quote 1
            • A
              Actionhenk last edited by

              Cool! thanks, will test this and see if it works.

              1 Reply Last reply Reply Quote 0
              • A
                Actionhenk last edited by

                nice, it seems to work, getting A+ result now !

                Derelict 1 Reply Last reply Reply Quote 1
                • Derelict
                  Derelict LAYER 8 Netgate @Actionhenk last edited by

                  @Actionhenk Nice. One other thing: I haven't looked at it but I assume if you need double quotes in a string like that in the future you can just escape the ones inside the string with \"

                  1 Reply Last reply Reply Quote 0

                  Products

                  • Platform Overview
                  • TNSR
                  • pfSense
                  • Appliances

                  Services

                  • Training
                  • Professional Services

                  Support

                  • Subscription Plans
                  • Contact Support
                  • Product Lifecycle
                  • Documentation

                  News

                  • Media Coverage
                  • Press
                  • Events

                  Resources

                  • Blog
                  • FAQ
                  • Find a Partner
                  • Resource Library
                  • Security Information

                  Company

                  • About Us
                  • Careers
                  • Partners
                  • Contact Us
                  • Legal
                  Our Mission

                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                  Subscribe to our Newsletter

                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                  © 2020 Rubicon Communications, LLC | Privacy Policy