1. Minimum Security Configuration Guide
  2. Minimum Security Configuration Guide
  3. Configuring X-Content-Type-Options in IIS

Configuring X-Content-Type-Options in IIS

  1. Open Internet Information Services (IIS) Manager.
  2. In the Connections pane, go to the site, application, or directory for which you want to set a custom HTTP header.
  3. In the Home pane, double-click HTTP Response Headers.
    HTTP Response Headers icon
  4. In the HTTP Response Headers pane, in the Actions pane, click Add...
    HTTP Response Headers pane
  5. In the Add Custom HTTP Response Header dialog box, set the Name to "X-Content-Type-Options" and the Value to "nosniff", then click OK.
    Add Custom HTTP Response Header dialog box

Parent topic: Minimum Security Configuration Guide