Joomla Security Update Information

in seo •  5 years ago  (edited)


.htaccess & web.config Security Update

Hello Webmasters,

There was just an update for Joomla. Please note the following information. It can also be found in the backend. Many do not look there, so I repeat the notes here.

Since version: 3.9.3

Joomla is now shipped with additional security hardenings in the default htaccess.txt and web.config.txt files. These hardenings disable the so-called MIME-type sniffing feature in web browsers. The sniffing leads to specific attack vectors, where scripts in normally harmless file formats (e.g. images) will be executed, leading to Cross-Site Scripting vulnerabilities.

The security team recommends manually applying the necessary changes to existing .htaccess or web.config files, as those files cannot be updated automatically.

Changes for .htaccess
Add the following lines before "## Mod_rewrite in use.":

<IfModule mod_headers.c>
Header always set X-Content-Type-Options "nosniff"
</IfModule>
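
An added example, not part of the original post and not Joomla's own code: a small Python helper that applies the .htaccess change above idempotently. The function name `harden_htaccess` and the sample file contents are constructed for illustration; if the marker line is missing it raises instead of guessing a position.

```python
import re

MARKER = "## Mod_rewrite in use."          # insertion point named in the post
BLOCK = (
    "<IfModule mod_headers.c>",
    'Header always set X-Content-Type-Options "nosniff"',
    "</IfModule>",
)
# Matches an active (uncommented) Header directive that already sets nosniff.
ACTIVE = re.compile(
    r'^[ \t]*Header\s+(?:(?:always|onsuccess)\s+)?'
    r'(?:set|setifempty|add|append|merge)\s+'
    r'"?X-Content-Type-Options"?\s+"?nosniff"?',
    re.IGNORECASE | re.MULTILINE,
)

def harden_htaccess(text):
    """Return (new_text, changed). Running it twice changes nothing."""
    if ACTIVE.search(text):
        return text, False                  # header already configured
    nl = "\r\n" if "\r\n" in text else "\n"  # keep the file's line endings
    lines = text.splitlines(keepends=True)
    for i, line in enumerate(lines):
        if line.lstrip().startswith(MARKER):
            block = "".join(part + nl for part in BLOCK) + nl
            return "".join(lines[:i]) + block + "".join(lines[i:]), True
    # Customized file without the stock marker: leave placement to the admin.
    raise ValueError("marker line %r not found" % MARKER)

# Constructed sample of an existing .htaccess (not a real site's file).
SAMPLE = (
    "## No directory listings\n"
    "<IfModule autoindex>\n"
    "  IndexIgnore *\n"
    "</IfModule>\n"
    "\n"
    "## Mod_rewrite in use.\n"
    "\n"
    "RewriteEngine On\n"
)

if __name__ == "__main__":
    patched, changed = harden_htaccess(SAMPLE)
    print("changed:", changed)
    print(patched)
```

A commented-out directive (a line starting with `#`) does not count as already configured, so the block is still inserted in that case.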

Changes for web.config
Add the following lines right after "":

<httpProtocol>
  <customHeaders>
    <add name="X-Content-Type-Options" value="nosniff" />
  </customHeaders>
</httpProtocol>

PEACE!

▀▄▀▄▀▄ ⓈⓉⒺⒺⓂ ④ ⒺⓋⒺⓇ ▄▀▄▀▄▀
