No announcement yet.

Setting more secure SSL Parameters

  • Filter
  • Time
  • Show
Clear All
new posts

  • Setting more secure SSL Parameters

    I moved my site to SSL a few years ago. I saw that our domain was now down to a C on Qualys's SSL test, so I did some updating yesterday, using advice from sites like this one, and I got it back up to an A+.

    Today I tried to go to the admincp, and it wouldn't come up in any browser. I was very concerned that I had locked myself out for an extended period with HSTS, but it turned out to be the X-Frame security setting. Once commented out and httpd restarted, everything showed up fine. Figured I'd share here if I wasn't the first one to make the mistake.
      [B]Header always set X-Frame-Options DENY  <--- THIS LINE BREAKS ADMINCP[/B] / /
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.