KB44034 - How to configure Custom HTTP Headers on Pulse Connect Secure?

This article provides the steps to configure Custom HTTP Headers on Pulse Connect Secure.

Pulse Connect Secure supports default HTTP headers sent in response to the client request. Additional headers may be desired that are not in the default list. The Custom HTTP Headers configuration option enables the administrator to add new headers that they want to enforce/use.

Starting with Pulse Connect Secure 9.0R3, Custom HTTP Headers are supported.  To configure Custom HTTP Headers, follow the steps below:
 

1. Login to admin web interface
2. Navigate to System > Configuration > Security > Advanced

3. In the Custom HTTP Headers section, enter the HTTP header name and the directives along with the values
4. Click Add

5. Click Save Changes.

Note:

• Administrators should ensure the correctness of the values that are entered.
• If the administrator configured HTTP header seems to affect the way the page is rendered or is locked out, use the console option to reset the custom HTTP header values.
• Connect with the admin console and choose option 4 (system operation) and then option 94 (Clear custom HTTP headers).

 

The following table lists OWASP recommended headers that may be enabled if desired: