pedinopa_170325
Feb 02, 2018Nimbostratus
security headers
I need some help trying to figure out why my standard security headers are not being applied to a specific VIP. I am inserting X-FRAME-OPTIONS, X-XSS-PROTECTION,CONTENT-SECURITY-POLICY to all my Virtual Servers using an irule. for all VS they work if you scan the DNS NAME (using nmap or securityheaders.io) but if I scan using the IP all but 1 VS passes (just 1 VIP shows no headers, it does show HSTS which I am applying through a policy though. Any thoughts as to why 1 VIP would behave differently than the others?