How to do security configuration for ibm http server?

Question

We are using IBM HTTP Server Version 7.0

Need help related to Cross Site Scripting Prevention in IBM http server.

Cross Site Scripting Prevention in Sun Java System Web Server 7.0 mentioned in following link: https://blogs.oracle.com/meena/entry/cross_site_scripting_prevention_in

Is there any configuration setting related to IBM http server ?

How can we do entity encoding or filtering settings in ibm http server ?

Thanks in advance

score 0 · Answer 1 · answered Mar 29 '13 at 00:26

0

IHS doesn't include modules to modify response bodies or to scrub incoming URL's. You can build your own mod_substitute from Apache or use mod_security respectively, but they aren't included.

answered Mar 29 '13 at 00:26

covener

17,402
2
31
45

score 0 · Answer 2 · answered Apr 25 '20 at 15:02

Yes, it is possible to implement XSS protection within your IHS. To set it up, add the following lines to your httpd.conf

<IfModule mod_headers.c>
    Header set X-XSS-Protection "1; mode=block"
<IfModule>

The verify the header of your IHS page, it will look like this

xss-protection

How to do security configuration for ibm http server?

2 Answers2