我正在尝试解决我的网站上的以下选项
Strict-Transport-Security
Content-Security-Policy
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy
我在 Google 上找到了以下代码并将其添加到/etc/apache2/apache2.conf
文件中
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Order Allow,Deny
Allow from all
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Credentials true
Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header set Access-Control-Max-Age "1000"
Header set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
</Directory>
添加上述代码后,出现以下错误
sudo service apache2 restart
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.
我已经通过这个 URL 扫描了我的网站:https://securityheaders.com/,结果显示为 F。以下是结果链接
我必须解决这些问题,所以我研究了谷歌并找到了要添加到 Apache 配置文件的标题代码。所以我添加了相同的代码并出现错误......