Hello, I scanned my website with the Acunetix tool and below vulnerabilities found:
1- Cookie(s) without HttpOnly flag set 2- Disable OPTIONS Method 3- CORS (Cross-Origin Resource Sharing) origin validation failure To solve these problems, I added below lines to my Virtual Host configuration file and restarted the Apache service: Header always edit Set-Cookie (.*) "$1;HttpOnly;Secure;samesite=lax" <Location /> <LimitExcept GET POST> order deny,allow deny from all </LimitExcept> </Location> Header set Access-Control-Allow-Credentials "true" But problems existed. How to solve them? Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
