HTTP Security Header Not Detected from Qualys - Q11827

Hi all,

do you know, if exists method how to configure in grafana HTTP response headers:

X-Frame-Options, X-XSS-Protection, Content Security Policy, X-Content-Type-Options and Strict-Transport-Security

Thank you,

You can’t configure custom response headers in Grafana. Use reverse proxy in front of Grafana and configure all these sec. headers on the reverse proxy level.