Content Security Policy

  • Resolved CypressWebs

    (@jmeyer2485)


    4 years, 5 months ago

    When I scanned my website through the Mozilla Observatory it says I’m missing the Content Security Policy. I can’t find this option in Defender. Will this be added or am I missing it?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support Nebu John – WPMU DEV Support

    (@wpmudevsupport14)

    4 years, 5 months ago

    Hi @jmeyer2485,

    I hope you are doing great.

    Defender provides an option to implement security headers and you can find the same at Defender >> Tools >> Security headers.

    Please find more details about the feature here: https://wpmudev.com/docs/wpmu-dev-plugins/defender/#security-headers

    I hope that helps.

    Kind Regards,
    Nebu John

    Thread Starter CypressWebs

    (@jmeyer2485)

    4 years, 5 months ago

    @wpmudevsupport14

    You’re correct and they are all turned on but yet the test still shows that Content Security Policy is missing.

    Plugin Support Imran – WPMU DEV Support

    (@wpmudev-support9)

    4 years, 5 months ago

    Hello @jmeyer2485 !

    Apologies for a slight confusion here!

    The CSP headers are not part of Defender yet, but we have plans to introduce them to the plugin as well.

    The reason those aren’t possible to set up from Defender is that comparing to the other headers which have some simple options, CSP headers basically require a whole dedicated setup and configuration – it’s not just about turning them on. As it’s easy to make mistakes while setting them up, our team is taking some extra time to provide an interface which will help avoid any potential issues.

    I’ll add your question as a vote towards this feature as well as our team is tracking the internet from the users.

    Kind regards,
    Pawel

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Content Security Policy’ is closed to new replies.