Forums
(@zinoui)
7 years, 10 months ago
@toomanyairmiles I can’t reproduce it, but you better upgrade to latest version.
P.S. Sorry for delayed response.
Hi @nashvilledesigna,
You can use this configuration:
X-Frame-Options: sameorigin X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff
@steadwell,
No, you do not need to send any additional headers.
Since your page is loaded over the HTTPS protocol, you need to serve all of the resources over the HTTPS too.
Maryl, you can try to upgrade to the latest version. I think this will solve the issue. P.S. Sorry for delayed response.
8 years, 1 month ago
Hi @prodport,
After enabling the Public-Key-Pins header, you must fill-in next required fields: ‘pin-sha256’, ‘pin-sha256 (backup key)’ and ‘max-age’.
To generate hashes you can use: https://report-uri.io/home/pkp_hash
Regards,
8 years, 2 months ago
Hi @lordvader,
You are right. This is a bug. Now it is fixed and works as expected.
Thanks!
8 years, 3 months ago
@alegira,
Chrome, Safari, Opera does not support the ALLOW-FROM option. See: https://caniuse.com/#search=x-frame-options
Cheers,
@lordvader,
The answer is yes, the plugin is compatible with WordPress 4.6.1.
8 years, 4 months ago
Hi Suresh,
Yes, this plugin definitely works on Nginx server. In fact, the server doesn’t matter. Works well on Apache too.
Regards, Dimitar
8 years, 7 months ago
Hi mitchellk,
Thanks for your report, but I can’t confirm that this issue exists.
