Dimitar Ivanov
Forum Replies Created
-
Forum: Reviews
In reply to: [HTTP Headers] Can’t do anythingIf you need a support you can ask for in Support section.
Forum: Reviews
In reply to: [HTTP Headers] Doesn’t work with NGINXHey @swick4556
Support of nginx servers is scheduled for v2, and is being developed right now.
Using PHP to send headers is absolutety possible. Just go to Advanced settings menu and change the Default mode from Apache to PHP mode. The reason while PHP mode is not the default mode, is that it doesn’t work when caching plugins are used.
There are plenty of tutorials across the web how to deal with .htaccess, this was never the aim of this plugin.
It’s pity to give a low rating review without even asking for help and to complain about missing features that actually exists.
Forum: Plugins
In reply to: [HTTP Headers] X-Frame-Options Header does not work anymoreHi @misaka1
I’ve test it, and I notice that
X-Frame-Options
header works as expected.Are you sure you don’t have a reverse proxy in front of your web server? If so, it may overwrite the header.
Or some other plugin that unset that header?
Or maybe you’re using HTTP Headers plugin in PHP mode in conjunction with some caching plugin?
Don’t know what’s the exact reason that cause the issue, it’s just some gueses.
However, instead of X-Frame-Options you may try to set the
Content-Security-Policy
header, theframe-ancestors
directive.- This reply was modified 3 years, 7 months ago by Dimitar Ivanov.
Forum: Reviews
In reply to: [HTTP Headers] Simple Solution to a Complex ProblemThank you!
Forum: Reviews
In reply to: [HTTP Headers] www auth brokenI’ve just made a test with Basic and Digest Auth. Both works as expected.
Can you tell what’s the version of your Apache web server?
Forum: Plugins
In reply to: [HTTP Headers] Failed to activate plugin on local XAMPPHi @ads97129
I’ve commit a fix that attempt to address above issue. Can you please try to update.
Forum: Plugins
In reply to: [HTTP Headers] Add interest-cohort to Permissions-Policy to block Google FLoCShipped!
Forum: Plugins
In reply to: [HTTP Headers] Add interest-cohort to Permissions-Policy to block Google FLoCThanks for suggestions, definitely I will.
Forum: Plugins
In reply to: [HTTP Headers] .user.ini — Recurring issue with pluginHi everyone,
Since the latest version v1.18.2 you can configure the path to .user.ini file.
To do this simply go to the Advanced menu.Hope this solves the above issue.
P.S. Sorry for the delayed response.
Forum: Plugins
In reply to: [HTTP Headers] file not foundHi @huecoach
This warning is for the
.user.ini
filename.
The plugin tries to find this file in the default location, but actually fails.
In the latest version, you can configure those path by yourself.The HTTP Headers plugin doesn’t block or blacklist anything by IP address.
Please note that a wrong configuration, especially with CSP header, may violate browser’s policies which results in restricted access to a website.
To get a proper support, please try to identify what’s the issue. To do this please answer the following:
– what’s the error you see in the browser window
– what’s the error you see in the browser DevTools console
– what’s your system, e.g. OS, Web server, PHP SAPI
– what’s you configuration with HTTP Headers plugin
– what other plugins are currently activeForum: Plugins
In reply to: [HTTP Headers] Not workingThat’s not the general use case.
If doesn’t works for you, please be more descriptive and tell:
– what’s your system (OS, Web sever, PHP SAPI)
– what’s you configuration with HTTP Headers plugin
– which other plugins you are using, and they current status (active/not active)Forum: Plugins
In reply to: [HTTP Headers] Cannot activate rulesForum: Plugins
In reply to: [HTTP Headers] Cannot activate rulesHi @corpat
Thank you for your bug report.
I will try to reproduce and fix it.Forum: Plugins
In reply to: [HTTP Headers] Unsure if the plugin is workingHi @wood1e
This plugin add headers in the HTTP response (no meta tags are used).
Headers are sent via one of the following:
a) .htaccess file (when plugin is in Apache mode)
b) php header() function (when plugin is in PHP mode)In you screenshot I can see you’ve used a full page URL, but not an “origin” which is only protocol + domain name + (eventually port number), so in your case it should be: https://www.wolfrace.co.uk