Announcement

Collapse
No announcement yet.

Setting more secure SSL Parameters

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Setting more secure SSL Parameters

    I moved my site to SSL a few years ago. I saw that our domain was now down to a C on Qualys's SSL test, so I did some updating yesterday, using advice from sites like this one, and I got it back up to an A+.

    Today I tried to go to the admincp, and it wouldn't come up in any browser. I was very concerned that I had locked myself out for an extended period with HSTS, but it turned out to be the X-Frame security setting. Once commented out and httpd restarted, everything showed up fine. Figured I'd share here if I wasn't the first one to make the mistake.
    Code:
     
      Header always set X-Frame-Options DENY  <--- THIS LINE BREAKS ADMINCP
    www.montgomerybikers.com / www.ninjette.org / www.cal24.com
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X