Missing Headers Issue

  • Resolved Max

    (@abhisheksanjay)


    2 years, 4 months ago

    HI,

    I installed your plugin, and there seems no conflict or issue. But When I checked it withsitecheck.sucuri.net it shows missing security headers (https://ibb.co/YbrJDfw)-

    Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors 'none'.

Missing security header to prevent Content Type sniffing.

Missing Strict-Transport-Security security header.

Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src

    May you please suggest accordingly?

    Regards

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author Andrea Ferro

    (@unicorn03)

    Hi @abhisheksanjay, this is Andrea thanks for downloading Headers Security Advanced & HSTS WP.

    Reading your topic please confirm me that you are experiencing an issue with using the “sucuri” plugin? In the past with other open threads an anomaly had been reported with Headers Security Advanced & HSTS WP headers with Sucuri.

    I can confirm that the plugin uses all the headers reported in the picture you attached.

    Content-Security-Policy
    Content Type sniffing
    Strict-Transport-Security

    Test tool:
    https://www.serpworx.com/check-security-headers/
    https://securityheaders.com/

    To expedite support you can also contact me at [email protected]

    • This reply was modified 2 years, 4 months ago by Andrea Ferro.
Viewing 1 replies (of 1 total)
  • The topic ‘Missing Headers Issue’ is closed to new replies.