10:19 AM] Rohith Poreddy: These are the changes I made to apache config
# X-FRAME Options
Header set X-Frame-Options SAMEORIGIN
# X-XSS-Protection:
Header always set X-XSS-Protection "1; mode=block"
# X-Content-Type-Options:
Header always set X-Content-Type-Options: nosniff
# Content-Security-Policy
Header set Content-Security-Policy "script-src 'self'; object-src 'self'"
[10:20 AM] Rohith Poreddy: In /etc/httpd/conf/httpd.conf