Dear all,

In an attempt to tighten the security of our new Traso website, our proxy in front of the web server has been carefully modified: some state-of-the-art techniques have been implemented which brought our security rating <https://observatory.mozilla.org/analyze/www.traso.de> from Grade F to Grade B.

Important: This affects all our systems which are reachable externally - including

xadmin
roundcube
otrs
wiki
...

By now, everything looks fine. Please tell me if customers notify us about problems accessing our systems.

Kind Regards
Gunnar

DETAILS

Haproxy web frontend has been extended by

    http-response set-header X-Frame-Options SAMEORIGIN
    http-response set-header X-XSS-Protection 1;mode=block
    http-response set-header X-Content-Type-Options nosniff
    http-response set-header Referrer-Policy strict-origin-when-cross-origin
    http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload;

CSP has not been enabled; this would require extensive testing and is handled in AD-690.

--
Kind regards
Gunnar Mann
- System administration -
________________________________________________________
TraSo GmbH
Nonnenstraße 42
D-04229 Leipzig
Tel.: +49 341 355 740 76
Fax: +49 341 355 740 21
E-Mail: g.mann@traso.de <mailto:g.mann@traso.de>
<https://www.traso.de/> <https://www.facebook.com/TraSoGmbH> <https://www.xing.com/companies/trasogmbh>
________________________________________________________
Managing Director: Haiko Gerdes
Commercial register: Amtsgericht Leipzig, HRB 21850
<https://www.kununu.com/de/traso1>