The DHost HTTP server running on HTTP port 8028 and HTTPS port 8030 does not set the X-Frame-Options HTTP Response Header. Therefore, it is prone to clickjacking attacks. To prevent the vulnerabilities, it is recommended to restrict the DHost HTTP Server to localhost.
Perform the following steps to configure the DHost server to run on localhost:
In Administration Console, open /etc/opt/novell/eDirectory/conf/nds.conf.
Search for the following lines and then replace the IP address (for example, 10.0.0.1) with 127.0.0.1.
http.server.interfaces=10.0.0.1@8028
https.server.interfaces=10.0.0.1@8030
After the change these lines will look as follows:
http.server.interfaces=127.0.0.1@8028
https.server.interfaces=127.0.0.1@8030
Restart the eDirectory services:
/etc/init.d/ndsd restart