Category Archives: Apache

Enable anti-clickjacking X-Frame-Options header

The Nikto scanner came up with this minor ‘hole’: + The anti-clickjacking X-Frame-Options header is not present The rationale behind Anti-Clickjacking is described in and To enable the header in Apache: 1) enable mod-headers module, if not enabled yet. Command: 2) add line “Header always append X-Frame-Options SAMEORIGIN” to /etc/apache2/httpd.conf 3) restart Apache… Read More »

Self hosting: Testing web server security

Since I’m starting to host this blog myself, I need to test the security of my web server. My first search ended up with Nikto scanner tool ( It is very easy to run and completes the scan in less than 10 minutes. The scan is by no means complete and more tools will be… Read More »