Title: Cache headers
Last modified: October 14, 2020

---

# Cache headers

 *  Resolved [margomm](https://wordpress.org/support/users/margomm/)
 * (@margomm)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/cache-headers-3/)
 * Hello!
    After the last update, it became possible to enable Cache headers. I 
   cannot understand, I have to turn it on or not.

Viewing 5 replies - 1 through 5 (of 5 total)

 *  Plugin Support [Patrick – WPMU DEV Support](https://wordpress.org/support/users/wpmudevsupport12/)
 * (@wpmudevsupport12)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/cache-headers-3/#post-13539807)
 * Hi [@margomm](https://wordpress.org/support/users/margomm/)
 * The headers are related to security headers for example,
 * In case you use a protection plugin like our Defender plugin [https://wordpress.org/plugins/defender-security/](https://wordpress.org/plugins/defender-security/)
   it will apply the security headers for your website, some plugins cache doesn’t
   include those headers on the caching making the protection useless when the browser
   renders the cached version, however, on the new Hummingbird plugin we allow users
   to enable this.
 * In case you are using this protection tool, it is a nice idea to enable the feature
   too.
 * Let us know if you have any additional question on this.
    Best Regards Patrick
   Freitas
 *  Thread Starter [margomm](https://wordpress.org/support/users/margomm/)
 * (@margomm)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/cache-headers-3/#post-13541444)
 * 1. If I install your Defender plugin, do I need to enable Cache headers?
 * 2. I have specified security headers in .htaccess without additional plugin.
   
   Do I need to enable Cache headers in Hummingbird?
 * This is what I pointed out in .htaccess:
    # <IfModule mod_deflate.c> AddOutputFilterByType
   DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/
   javascript text/css application/x-javascript BrowserMatch ^Mozilla/4 gzip-only-
   text/html BrowserMatch ^Mozilla/4.0[678] no-gzip BrowserMatch bMSIE !no-gzip !
   gzip-only-text/html <ifmodule mod_gzip.c> mod_gzip_on Yes mod_gzip_item_include
   file \.js$ mod_gzip_item_include file \.css$ </ifmodule> </IfModule> # img,js,
   css FileETag MTime Size <ifmodule mod_expires.c> <filesmatch “.(jpg|gif|png|css
   |js)$”> ExpiresActive on ExpiresDefault “access plus 1 month” </filesmatch> </
   ifmodule> # Extra Security Headers <IfModule mod_headers.c> Header set X-XSS-
   Protection “1; mode=block” Header always append X-Frame-Options SAMEORIGIN Header
   set X-Content-Type-Options nosniff Header set Strict-Transport-Security “max-
   age=31536000” env=HTTPS </IfModule> # <FilesMatch “^.*(error_log|wp-config\.php
   |php.ini|\.[hH][tT][aApP].*)$”> Order deny,allow Deny from all </FilesMatch> #
   <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^wp-admin/
   includes/ – [F,L] RewriteRule !^wp-includes/ – [S=3] RewriteRule ^wp-includes/[
   ^/]+\.php$ – [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F,L] 
   RewriteRule ^wp-includes/theme-compat/ – [F,L] </IfModule> # Options +FollowSymLinks
   RewriteEngine On RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
   RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING}
   _REQUEST(=|[|%[0-9A-Z]{0,2}) RewriteRule ^(.*)$ index.php [F,L] # PHP <IfModule
   mod_headers.c> Header unset X-Powered-By Header unset Server </IfModule> # xmlrpc
   <Files xmlrpc.php> Order Allow,Deny Deny from all </Files> # htaccess <Files .
   htaccess> order allow,deny deny from all </Files> # RewriteCond %{QUERY_STRING}
   author=d RewriteRule ^ /? [L,R=301]
 *  Plugin Support [Dimitris – WPMU DEV Support](https://wordpress.org/support/users/wpmudev-support6/)
 * (@wpmudev-support6)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/cache-headers-3/#post-13549012)
 * Hello [@margomm](https://wordpress.org/support/users/margomm/)
 * Caching security headers has nothing to do with the origin of them (plugin or
   manual method), but it has to do with the fact that the caching module is able
   to include these in the cached copies of pages. So if you want these security
   headers in the cached pages, you enable that option.
 * Thank you,
    Dimitris
 *  Thread Starter [margomm](https://wordpress.org/support/users/margomm/)
 * (@margomm)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/cache-headers-3/#post-13549091)
 * Thanks! I realized.
    I love Hummingbird!
 *  Plugin Support [Patrick – WPMU DEV Support](https://wordpress.org/support/users/wpmudevsupport12/)
 * (@wpmudevsupport12)
 * [5 years, 8 months ago](https://wordpress.org/support/topic/cache-headers-3/#post-13549716)
 * Hi [@margomm](https://wordpress.org/support/users/margomm/)
 * We are happy to hear you like the plugin.
 * Feel free to let us know if you have any additional question.
 * Best Regards
    Patrick Freitas

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Cache headers’ is closed to new replies.

 * ![](https://ps.w.org/hummingbird-performance/assets/icon-256x256.gif?rev=2633221)
 * [Hummingbird Performance - Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript | CDN](https://wordpress.org/plugins/hummingbird-performance/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/hummingbird-performance/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/hummingbird-performance/)
 * [Active Topics](https://wordpress.org/support/plugin/hummingbird-performance/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/hummingbird-performance/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/hummingbird-performance/reviews/)

 * 5 replies
 * 3 participants
 * Last reply from: [Patrick – WPMU DEV Support](https://wordpress.org/support/users/wpmudevsupport12/)
 * Last activity: [5 years, 8 months ago](https://wordpress.org/support/topic/cache-headers-3/#post-13549716)
 * Status: resolved