pokongku

Really Simple SSL is the security plugin I used for my site. Is it causing problem? It’s been telling me I have no HSTS Header from the beginning.

.htaccess file folder sent to [email protected]

What is your email address? qual è il tuo indirizzo email?

In the .htaccess file, there is no line starting with Headers…… I can send you the screenshot of the .htaccess file to your email if you like.

I cannot find Header set.

https://www.ssllabs.com/ssltest/analyze.html?d=nevermoveagain.com&s=191.96.144.166 https://www.ssllabs.com/ssltest/analyze.html?d=nevermoveagain.com&s=2a02%3a4780%3a1d%3ab512%3a3ba0%3a868f%3a669e%3a44f5

I went to Settings, clicked Header Security Advanced & HSTS WP. I’d like to send you the screenshot but I can’t find the Attach button. Here is what I’ve got. At the very top, there were three buttons, Quick Selection: Strict Transport Security HSTS, CSP, Permission Policy. Then there are 4 check boxes, Disable (Strict Transport Security), Disable (Permissions-Policy), Disable (X-Content-Type-Options), Disable (X-Frame-Opti0ns). These boxes were all checked. Max Age is set at 6307200, then there are check boxes for Enable Include Subdomains, Enable preload, these are left unchecked. And then there are the CSP Header Contents in the box next to it says upgrade insecure requests:, CSP Report URI in the box is Enter custom url CSP, Permissions Policy Contents, in the box is accelerometer=0, camera=0, etc…. , then lastly X-Frame Options, in the box is SAMEORIGIN. I cannot see the HSTS WP feature I have to check inherent values. And I cannot find Option 1.