w3 total cache – security headers setup

  • I’m searching in W3TC where I can put the security headers like X-XSS-Protection etc.
    In W3TC I’m able to setup the HSTS security header (Strict-Transport-Security) only with the max-age parameter (without includeSubDomains; preload)

    A workaround is to writing the security headers in the functions.php

    I experienced that W3TC discard all them, except the HSTS, after the first chaching ??

    Does anyone know a solution ?

    Thanks a lot !
    nerimizi

Viewing 1 replies (of 1 total)

  • I know the community build of W3 Total Cache has a very full featured security headers section included. It works incredibly well. And yes it also includes the ability to set HSTS directive: includeSubDomains; preload

    I tend to use that build since it has a ton of bug fixes and new features that typically make there way into official releases of w3tc since the author also depends on it.

    Just thought u should know since many here are already familiar with it.

Viewing 1 replies (of 1 total)
  • The topic ‘w3 total cache – security headers setup’ is closed to new replies.