Dimitar Ivanov

If you need a support you can ask for in Support section.

Hey @swick4556

Support of nginx servers is scheduled for v2, and is being developed right now.

Using PHP to send headers is absolutety possible. Just go to Advanced settings menu and change the Default mode from Apache to PHP mode. The reason while PHP mode is not the default mode, is that it doesn’t work when caching plugins are used.

There are plenty of tutorials across the web how to deal with .htaccess, this was never the aim of this plugin.

It’s pity to give a low rating review without even asking for help and to complain about missing features that actually exists.

Hi @misaka1

I’ve test it, and I notice that X-Frame-Options header works as expected.

Are you sure you don’t have a reverse proxy in front of your web server? If so, it may overwrite the header.

Or some other plugin that unset that header?

Or maybe you’re using HTTP Headers plugin in PHP mode in conjunction with some caching plugin?

Don’t know what’s the exact reason that cause the issue, it’s just some gueses.

However, instead of X-Frame-Options you may try to set the Content-Security-Policy header, the frame-ancestors directive.

• This reply was modified 3 years, 7 months ago by Dimitar Ivanov.

Thank you!

@timophe

I’ve just made a test with Basic and Digest Auth. Both works as expected.

Can you tell what’s the version of your Apache web server?

Hi @ads97129

I’ve commit a fix that attempt to address above issue. Can you please try to update.

Shipped!

Thanks for suggestions, definitely I will.

Hi everyone,

Since the latest version v1.18.2 you can configure the path to .user.ini file.
To do this simply go to the Advanced menu.

Hope this solves the above issue.

P.S. Sorry for the delayed response.

Hi @huecoach

This warning is for the .user.ini filename.
The plugin tries to find this file in the default location, but actually fails.
In the latest version, you can configure those path by yourself.

The HTTP Headers plugin doesn’t block or blacklist anything by IP address.

Please note that a wrong configuration, especially with CSP header, may violate browser’s policies which results in restricted access to a website.

To get a proper support, please try to identify what’s the issue. To do this please answer the following:
– what’s the error you see in the browser window
– what’s the error you see in the browser DevTools console
– what’s your system, e.g. OS, Web server, PHP SAPI
– what’s you configuration with HTTP Headers plugin
– what other plugins are currently active

That’s not the general use case.

If doesn’t works for you, please be more descriptive and tell:
– what’s your system (OS, Web sever, PHP SAPI)
– what’s you configuration with HTTP Headers plugin
– which other plugins you are using, and they current status (active/not active)

Hi @smiley58 and @corpat

After various tests I can’t reproduce this issue. Can I ask you to show the list of plugins you are using.

I’m curious whether both of you using some multilingual plugin.

Thanks

Hi @corpat

Thank you for your bug report.
I will try to reproduce and fix it.

Hi @wood1e

This plugin add headers in the HTTP response (no meta tags are used).
Headers are sent via one of the following:
a) .htaccess file (when plugin is in Apache mode)
b) php header() function (when plugin is in PHP mode)

In you screenshot I can see you’ve used a full page URL, but not an “origin” which is only protocol + domain name + (eventually port number), so in your case it should be: https://www.wolfrace.co.uk