<div dir="ltr">Both x-frame-options and x-content-type-options are in the database and shouldn't alert (you can check this by looking at program/databases/db_headers and making sure those two lines are there).<div><br>
</div><div>It looks like the database has been updated since 2.1.5 was released, so try doing a <a href="http://niko.pl">niko.pl</a> -update, then retest.</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On 11 May 2014 18:10, eXile Out <span dir="ltr"><<a href="mailto:outofexile@yandex.com" target="_blank">outofexile@yandex.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>Dear Friend, </div><div>Is it possible that our modsecurity module influences the config of apache?</div><div>I tried disabling modsecurity, and nikto now shows another 2 items of information:</div><div>-------------------------------------</div>
<div>+ Server leaks inodes via ETags, header found with file /, inode: etc...<div class=""><br>+ Uncommon header 'x-frame-options' found, with contents: SAMEORIGIN<br></div>+ Uncommon header 'x-content-type-options' found, with contents: nosniff<br>
-------------------------------------</div><div>If I re-enable modsecurity, only one item appears:</div><div><div>-------------------------------------</div><div class="">+ Uncommon header 'x-frame-options' found, with contents: SAMEORIGIN<br>
-------------------------------------</div></div><div>I hope this information can help you</div><div>Thank You</div><div>Regards</div><div>eX</div><div> </div><div>11.05.2014, 19:14, "eXile Out" <<a href="mailto:outofexile@yandex.com" target="_blank">outofexile@yandex.com</a>>:</div>
<div class="HOEnZb"><div class="h5"><blockquote type="cite"><div>Dear Chris,</div><div>thank you for your support.</div><div>I looked at my config file, and the option is already in the plural "x-frame-options"; sorry for my wrong earlier information.</div>
<div>I can't understand why this message appears...</div><div>Is it possible that the position of the option in the apache debian config files influences this problem?</div><div>Thank you</div><div>Regards</div><div>eX</div>
<div> </div><div>11.05.2014, 06:49, "Sullo" <<a href="mailto:csullo@gmail.com" target="_blank">csullo@gmail.com</a>>:</div><blockquote type="cite"><div>Looking again, I see that it is "option" and not "options". "options" is correct according to the RFC and thus what is in the Nikto database. Your server should be sending x-frame-options and *not* x-frame-option to properly set frame restrictions.<div>
</div><div>regards,</div><div>Sullo</div></div><div><br><br><div>On Sat, May 10, 2014 at 3:25 PM, <a href="mailto:csullo@gmail.com" target="_blank">csullo@gmail.com</a> <span><<a href="mailto:csullo@gmail.com" target="_blank">csullo@gmail.com</a>></span> wrote:<br>
<blockquote style="margin:0 0 0 0.8ex;border-left:1px #ccc solid;padding-left:1ex">I'm not near a computer to check this out, but that should be in the database of known headers. So either it's missing, which is a mistake, or a bug is preventing a match.<br>
<br> However, you want to keep that header around unless you have a specific need for removing it (and even then, allowing specific hosts to frame). So don't try to get rid of it--leave it be!<br> <br> I'll look at this later to figure out why it's not matching.<br>
<br> Regards,<br> Sullo<br><div><div><br> > On May 10, 2014, at 11:26 AM, eXile Out <<a href="mailto:outofexile@yandex.com" target="_blank">outofexile@yandex.com</a>> wrote:<br> ><br> > Dear Friend,<br> > I've a security problem with my server (debian wheezy 7.4 with apache 2.2.22-deb7u on amd64 arch).<br>
> when I scan the server with nikto, nikto tells me that it found an "Uncommon header" that I can't solve:<br> > -----------------------------------------------------------------------------------------------------------<br>
> - Nikto v2.1.5<br> > -----------------------------------------------------------------------------------------------------------<br> > + Taget IP: 127.0.0.1<br> > -----------------------------------------------------------------------------------------------------------<br>
> + Server: Apache/2.2.22<br> > + Uncommon header 'x-frame-options' found, with contents: SAMEORIGIN<br> > -----------------------------------------------------------------------------------------------------------<br>
><br> > The default debian anti click-hijacking config is in the file:<br> > /etc/apache2/conf.d/security<br> > And contains this line:<br> > Header set X-Frame-Option: "sameorigin"<br> ><br> > I tried commenting out this line and adding the protection manually, in the file:<br>
> /etc/apache2/httpd.conf (created by me and included in the apache2.conf file)<br> > With this line:<br> > Header always append X-Frame-Option SAMEORIGIN<br> ><br> > But the message on Nikto persists.<br> > Can anyone help me?<br>
> Thank you so much<br> > Regards<br> > OeX<br> > _______________________________________________<br> > Nikto is sponsored by Netsparker, a false positive free web application security scanner.<br> > Visit <a href="https://www.netsparker.com/" target="_blank">https://www.netsparker.com/</a> for more information.<br>
> _______________________________________________<br> > Nikto-discuss mail list<br> > <a href="mailto:Nikto-discuss@attrition.org" target="_blank">Nikto-discuss@attrition.org</a><br> > <a href="https://attrition.org/mailman/listinfo/nikto-discuss" target="_blank">https://attrition.org/mailman/listinfo/nikto-discuss</a></div>
</div></blockquote></div><br><br><div> </div>-- <br><br><a href="http://www.cirt.net/" target="_blank">http://www.cirt.net</a> | <a href="http://richsec.com/" target="_blank">http://richsec.com/</a></div></blockquote>
</blockquote></div></div></blockquote></div><br></div>
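<p>As an added example (not code from this thread or from the Nikto project), the check the top reply describes, emulated in Python: response header names are compared against a db_headers-style list of known headers, and the singular X-Frame-Option from the Debian default config is reported both as an uncommon header and as a near-miss of the correct x-frame-options. The one-lowercase-name-per-line format of db_headers and all sample data below are assumptions.</p>

```python
# Added example, not Nikto's own code. Assumed db_headers format: one lowercase
# header name per line, '#' comments; all data below is constructed.
DB_HEADERS_TEXT = """\
# known, non-alerting response headers (constructed excerpt)
content-type
etag
server
x-frame-options
x-content-type-options
"""
# Defensive headers the thread says a server should be sending.
EXPECTED_SECURITY_HEADERS = ("x-content-type-options", "x-frame-options")

def load_known_headers(text):
    """Parse a db_headers-style list into a set of lowercase names."""
    lines = (ln.strip() for ln in text.splitlines())
    return {ln.lower() for ln in lines if ln and not ln.startswith("#")}

def parse_response_headers(raw):
    """Turn a raw HTTP/1.x head (status line + headers) into {name: value}."""
    headers = {}
    for line in raw.split("\r\n")[1:]:
        if not line:          # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def audit(raw, known):
    """Return findings: unknown names, missing security headers, near-miss typos."""
    headers = parse_response_headers(raw)
    findings = [f"Uncommon header '{n}' found, with contents: {v}"
                for n, v in headers.items() if n not in known]
    for want in EXPECTED_SECURITY_HEADERS:
        if want in headers:
            continue
        findings.append(f"Missing security header '{want}'")
        # singular/plural near-miss such as 'x-frame-option' (the Debian typo)
        for name in headers:
            if name + "s" == want or name == want + "s":
                findings.append(f"'{name}' looks like a misspelling of '{want}'")
    return findings

# Constructed responses: the typo'd Debian default vs the corrected config.
TYPO_RESPONSE = ("HTTP/1.1 200 OK\r\nServer: Apache/2.2.22\r\n"
                 "X-Frame-Option: sameorigin\r\nX-Content-Type-Options: nosniff\r\n\r\n")
FIXED_RESPONSE = ("HTTP/1.1 200 OK\r\nServer: Apache/2.2.22\r\n"
                  "X-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\n\r\n")
```

Running `audit(TYPO_RESPONSE, load_known_headers(DB_HEADERS_TEXT))` yields three findings for the misspelled header, while the corrected response yields none.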