Nextcloud on TS-251A - Warnings backend

[fps_user]

Dear QNAP Community,

I installed Nextcloud on a QNAP TS-251A and also installed a wildcard ssl.

It works fine so far, but at the backend there are serveral Security & setup warnings:

• The "X-Frame-Options" HTTP header is not configured to equal to "SAMEORIGIN". This is a potential security or privacy risk and we recommend adjusting this setting.
  No memory cache has been configured. To enhance your performance please configure a memcache if available. Further information can be found in our documentation.

Could you please help me with the mentioned warnings?

Unfortunataly QNAP provides only php 5.6, to get rid of "memory cache warning" somehow i have to activate APCu on the QNAP.

Kind regards,
fps_user

[fps_user]

fyi

The warning "The "X-Frame-Options" HTTP header is not configured to equal to "SAMEORIGIN" disappeared after commenting out following line in the

/etc/config/apache/apache.conf

Code: Select all

<IfModule headers_module>
        #Header always append X-Frame-Options SAMEORIGIN
        Header always edit Set-Cookie ^(.*)$ $1;HttpOnly
</IfModule>

[scknet]

If you're commenting it out, then it wouldn't work as it should would it?

[kobe_2104]

This is also true for Safari users with Wordpress Live Preview under certain circumstances. I only just noticed tonight, but has been happening for a while now.
If you want to make sure this is the case, in Safari do an Inspect Elements check if your Preview is white, click the Errors numbers and if you get X-Fame-Options errors mentioned SAMEORIGIN and ALLOW, falling back to DENY, Apache is causing it!