I need to check couple of things as security aspect:
- Restrict the vault server response to GET and POST. Like it should not respond for other request methods.
- Add headers for clickjacking, cross-scripting and content-type.
Not able to find any option in vault documentation for making the necessary changes in vault hcl config to make this happen.
Please let me know if any options or way are provisioned in vault config file to achieve the above mentioned aspects.