Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Join us for an expert-led overview of the tools and concepts you'll need to become a Certified Power BI Data Analyst and pass exam PL-300. Register now.

Reply
M_Hassanien
New Member

Power Bi Report Server Security issues

We have 3 main security issues that need support to fix as follows:

 - Missing security headers :
  Best practice measures recommend the implementation of the following headers to aid in strengthening user protection within modern browsers:
1. X-Frame-Options
2. X-Xss-Protection
3. Strict-Transport-Security
4. X-Content-Length
5. Content-Security-Policy

 

-Server Fingerprinting:

The application responses expose information about the server. This will help the threat actor to find known vulnerabilities.

Recommendation: Any information that could indicate the back-end technologies should be removed or modified. Please disable "Server" in response headers.

 

-Missing HTTP Only and Secure Flags

The application uses several cookies missing one or more cookie security flags such as HTTP only and secure. Cookie flags must be set appropriately to avoid compromise of user session cookies.

Recommendation: Ensure that cookies have only HTTP and secure, flags set.

 

kindly we need step by step guide to fix the above issues 

0 REPLIES 0

Helpful resources

Announcements
Join our Fabric User Panel

Join our Fabric User Panel

This is your chance to engage directly with the engineering team behind Fabric and Power BI. Share your experiences and shape the future.

June 2025 Power BI Update Carousel

Power BI Monthly Update - June 2025

Check out the June 2025 Power BI update to learn about new features.

June 2025 community update carousel

Fabric Community Update - June 2025

Find out what's new and trending in the Fabric community.