Based on a security analysis of our VBM 365 environment, I was asked to add the following HTTP header fields to the Restore Portal in order to increase security:
- Cache-Control
- Content-Security-Policy
- X-Content-Type-Options
Since a change to the headers mentioned can only be implemented by Veeam, I am submitting this feature request.
Is adding these headers a valuable enhancement, and would it actually increase security? Or can these headers be omitted?
Many thanks in advance for your response and your opinions!
-
jan.ohrndorf
- Lurker
- Posts: 2
- Liked: never
- Joined: Mar 16, 2021 10:26 am
- Full Name: Jan Hendrik Ohrndorf
- Contact:
-
Mildur
- Product Manager
- Posts: 11505
- Liked: 3225 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: [Feature request] VBM 365 Restore Portal - HTTP header fields
Hi Jan,
Thank you for your request.
I can’t comment on whether it increases security, but I’ll forward it to our internal security team for review.
Best regards,
Fabian
Thank you for your request.
I can’t comment on whether it increases security, but I’ll forward it to our internal security team for review.
Best regards,
Fabian
Product Management Analyst @ Veeam Software
-
jan.ohrndorf
- Lurker
- Posts: 2
- Liked: never
- Joined: Mar 16, 2021 10:26 am
- Full Name: Jan Hendrik Ohrndorf
- Contact:
Re: [Feature request] VBM 365 Restore Portal - HTTP header fields
Hi Fabian,
thank you very much!
Best regards
Jan
thank you very much!
Best regards
Jan
Who is online
Users browsing this forum: No registered users and 6 guests