Need help? Call us on 1300 789 260

Plesk Onyx Set X-Content-Type-Options Headers

Difficulty: Intermediate


  • Plesk or Conetix Control Panel login details


Addional headers can be added to your website in order to prevent some of the basic, mime over-rides. For example, for sites which allow users to upload content and media a cleverly crafted JPEG image could be uploaded which contains PHP code.

While the validation of the uploaded content is best handled by the application (eg WordPress) itself, the additional header can still be added as an additional safeguard.


  1. Log into your Plesk or Conetix Control Panel.
  2. Confirm you have met all the prerequisites by going to the hosting settings and confirming to following:
    1. SSL/TLS support under security is ticked
    2. Permanent SEO-safe 301 redirect from HTTP to HTTPS  is ticked
    3. A valid certificate is selected
  3. Navigate to 'Apache & nginx Settings':
  4. Enter the code following code into the Additional nginx directives:
    add_header X-Content-Type-Options "nosniff" always;
    Then click Ok.
  5. You have now successfully added the X-Content-Type-Options header.
Was this article helpful? Yes No

Having trouble? We’re here to help!

We’ve built our company with a serious focus on quality service. Feel free to give us a call!

1300 789 260