How to configure web interface internals

J

John-Doe

New Member
Jul 29, 2019
2
0
1
Hi there,

I recently scanned for vulnerabilities on a Proxmox host and discovered a few vulnerabilites with the GUI/Web interface. I was wondering if there is any way to manage the configuration of this web interface for things like X-Frame-Options and HTTPS compression (GZIP/Deflate) so I can resolve some of the issues I've discovered. Apologies if I have missed questions that already answer my questions.

Thanks,
John
 
Ah, thank you that helps with the BREACH vulnerability but I was unable to see any mention of anti-clickjacking X-Frame-Options. I will be looking through documentation again but I do not believe I can find any new pages that will have information on this. Should I submit this to the bug tracker?
 
AFAIR there are no further options - so if you like - please open an enhancement request at https://bugzilla.proxmox.com for further discussion.

OTOH if you want full control over the web-facing side of PVE I would really suggest putting a nginx/haproxy reverse proxy in front of it and use the pve-firewall to prevent access to port 8006 - this should give you the greatest flexibility.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back