Title: Failed 2 security header tests
Last modified: May 9, 2022

---

# Failed 2 security header tests

 *  Resolved [alex.alp](https://wordpress.org/support/users/alexalp/)
 * (@alexalp)
 * [4 years, 1 month ago](https://wordpress.org/support/topic/failed-2-security-header-tests/)
 * Hello,
    Great plugin first of all!
 * i used 2 security header test tool and in one i got a A+ and with Serpworx, i
   got 77, there 2 that failed to pass the test:
    1- X Permitted Cross Domain Policies
   2- Feature Policy
 * The tool suggested me to add these codes:
    For point 1: <IfModule mod_headers.
   c> Header set X-Permitted-Cross-Domain-Policies “none”
 * <IfModule mod_headers.c>
 * For point 2:
    <IfModule mod_headers.c> Header set Feature-Policy “camera ‘none’;
   fullscreen ‘self’; geolocation *; microphone ‘self’ [https://www.example/*&#8221](https://www.example/*&#8221);
 * <IfModule mod_headers.c>
 * I could add them in the htaccess, but it would be better to add them with the
   plugin and not touch code, especially for non-developers.

Viewing 4 replies - 1 through 4 (of 4 total)

 *  Plugin Author [Andrea Ferro](https://wordpress.org/support/users/unicorn03/)
 * (@unicorn03)
 * [4 years, 1 month ago](https://wordpress.org/support/topic/failed-2-security-header-tests/#post-15633164)
 * Hi **[@alexalp](https://wordpress.org/support/users/alexalp/)**, we are happy
   that you are using **Headers Security Advanced & HSTS WP** plugin.
 * I’m here to help in the best possible way I learned about your issue and by the
   end of the week there will be an update with some optimization and feedback.
 * I’m going to start some testing now and I’ll write back to you as soon as I finish
   two tests.
 * Thanks and I hope you like the support
 *  Plugin Author [Andrea Ferro](https://wordpress.org/support/users/unicorn03/)
 * (@unicorn03)
 * [4 years ago](https://wordpress.org/support/topic/failed-2-security-header-tests/#post-15658139)
 * Hi **[@alexalp](https://wordpress.org/support/users/alexalp/),** thanks again
   for your feedback we have come to the time to code and verify the issue you were
   experiencing in the previous ticket.
 * After some verifications I can confirm that tomorrow we will release the **Headers
   Security Advanced & HSTS WP** update with **version 4.8.88.** The update implements
   some coding optimizations and some new headers.
 * The issue that Serpworx reports to you in this case _“Feature-Policy”_ is a deprecated
   and renamed “permissions-policy” header.
    We care a lot about the reports, though,
   so it was decided that **version 4.8.88** was optimized with the **Serpworx**
   tool.
 * We thank you again for your helpfulness, if you have the time a review would 
   be nice.
 * thanks
 *  Thread Starter [alex.alp](https://wordpress.org/support/users/alexalp/)
 * (@alexalp)
 * [4 years ago](https://wordpress.org/support/topic/failed-2-security-header-tests/#post-15678426)
 * hello Andrea,
    I just updated the plugin with the latest version (4.8.89) and
   the X Permitted Cross Domain Policies issue is finally fixed now, thank you so
   much! I really appreciate you looked into this.
 * The tool still points out the Feature Policy issue, but for what you said, i 
   should just ignore it, shouldn’t i?
 *  Plugin Author [Andrea Ferro](https://wordpress.org/support/users/unicorn03/)
 * (@unicorn03)
 * [4 years ago](https://wordpress.org/support/topic/failed-2-security-header-tests/#post-15678497)
 * Hi **[@alexalp](https://wordpress.org/support/users/alexalp/),** thank you for
   the feedback, you are welcome and I am happy to help you with any information
   or issues.
 * the feature-policy feature is deprecated and renamed however if you want you 
   can email us with the link so we can test with serpworx
 * We are also available at the following email address:
    _support@tentacleplugins[
   dot]com_
 * best regards

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Failed 2 security header tests’ is closed to new replies.

 * ![](https://ps.w.org/headers-security-advanced-hsts-wp/assets/icon.svg?rev=3102785)
 * [Headers Security Advanced & HSTS WP](https://wordpress.org/plugins/headers-security-advanced-hsts-wp/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/headers-security-advanced-hsts-wp/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/headers-security-advanced-hsts-wp/)
 * [Active Topics](https://wordpress.org/support/plugin/headers-security-advanced-hsts-wp/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/headers-security-advanced-hsts-wp/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/headers-security-advanced-hsts-wp/reviews/)

 * 4 replies
 * 2 participants
 * Last reply from: [Andrea Ferro](https://wordpress.org/support/users/unicorn03/)
 * Last activity: [4 years ago](https://wordpress.org/support/topic/failed-2-security-header-tests/#post-15678497)
 * Status: resolved