Skip to content

I suggest you ...

← General

Advanced SSL options / HTTP headers

Hello!
Is it possible to customize virtualhost configuration files (similar to Apache for example) in order to insert additional HTTP headers like:
- HSTS and preloading options
- HPKP - public key pinning options to avoid SSL man-in-the-middle
- SSL compression
- SSL stapling

This is a real must imo.. this makes using Axigen a lot safer!

84 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Robin Koper shared this idea  ·   ·  Report…  ·  Admin →
completed  ·  AdminGabriel (PM, Axigen) responded  · 

In Axigen X3, the following policies will be in-place for WebMail:

  • Content-Security-Policy
  • X-XSS-Protection
  • X-Content-Type-Options
  • Strict-Transport-Security (HSTS).

HPKP is deprecated by Chrome — we’ve decided not to support it for now.

Regarding the individual configurations “per virtual host”, we will not support this for now.

I will mark this issue as complete and if there are further needs on the topic, I will kindly ask you to open new suggestions.

Show previous admin responses (1)

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Postak @ Etnetera commented  ·   ·  Report

    Hi,

    please, implement the same policies (Content-Security-Policy, X-XSS-Protection, X-Content-Type-Options, Strict-Transport-Security) to WebADMIN interface.

    Best regards,
    Karel Ziegler

  • Postak @ Etnetera commented  ·   ·  Report

    And the other like Content-Security-Policy or X-Content-Type-Options...

General: WebMail

Categories

Feedback and Knowledge Base

(thinking…)