Title: https://www.webpagetest.org/ Result “E” Last modified: May 13, 2020 --- # https://www.webpagetest.org/ Result “E” * [auctionsavvy](https://wordpress.org/support/users/auctionsavvy/) * (@auctionsavvy) * [6 years ago](https://wordpress.org/support/topic/https-www-webpagetest-org-result-e/) * Hi, * WebPageTest.org reported no errors until today when, for the first time, a Security Score was displayed as “E”. I have been using HTTP Header for several months and the Security Score error hadn’t appeared. * These are the active plug-in settings: X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Strict-Transport-Security max-age =63072000; includeSubDomains; preload Referrer-Policy no-referrer Content-Security- Policy frame-ancestors ‘none’ Feature Policy ON * Any idea what is happening? * Thanks a lot for your help, * Stephen * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fhttps-www-webpagetest-org-result-e%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 4 replies - 1 through 4 (of 4 total) * Plugin Author [Dimitar Ivanov](https://wordpress.org/support/users/zinoui/) * (@zinoui) * [6 years ago](https://wordpress.org/support/topic/https-www-webpagetest-org-result-e/#post-12829266) * Hi Stephen, * When I open your website at [https://www.auction-savvy.com/](https://www.auction-savvy.com/) I see these response headers: * ``` cache-control: max-age=0 cf-cache-status: DYNAMIC cf-ray: 592e056389d70d5a-VIE cf-request-id: 02b0a1b23800000d5a24315200000001 content-encoding: br content-type: text/html; charset=UTF-8 date: Wed, 13 May 2020 17:15:22 GMT expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires: Wed, 13 May 2020 17:15:21 GMT last-modified: Wed, 13 May 2020 16:29:59 GMT server: cloudflare status: 200 vary: Accept-Encoding,Cookie,User-Agent,Accept x-content-type-options: nosniff ``` * then I open the same page like this: [https://www.auction-savvy.com/?adasdas](https://www.auction-savvy.com/?adasdas) and I get the following response headers: * ``` cache-control: max-age=0 cf-cache-status: DYNAMIC cf-ray: 592e07515b2f0d5a-VIE cf-request-id: 02b0a2e6d900000d5a241da200000001 content-encoding: br content-security-policy: frame-ancestors 'none' content-type: text/html; charset=UTF-8 date: Wed, 13 May 2020 17:16:43 GMT expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires: Wed, 13 May 2020 17:16:40 GMT link: ; rel="https://api.w.org/" referrer-policy: no-referrer server: cloudflare status: 200 strict-transport-security: max-age=63072000; includeSubDomains; preload vary: Accept,Accept-Encoding,User-Agent x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block ``` * As you can see the late is a “fresh” request, with all your security headers. So, I guess you are using some intermediate cache like Cloudflare. * To overcome this you can try to adjust the `Cache-Control` header to include the `public` directive. * For example: `Cache-Control: public, max-age=0` * Note that you may need to purge the Cloudflare cache after a change of HTTP Headers plugin settings. * For more info read this: [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control) * Dimitar - This reply was modified 6 years ago by [Dimitar Ivanov](https://wordpress.org/support/users/zinoui/). Reason: clarification * Thread Starter [auctionsavvy](https://wordpress.org/support/users/auctionsavvy/) * (@auctionsavvy) * [6 years ago](https://wordpress.org/support/topic/https-www-webpagetest-org-result-e/#post-12830214) * Hi Dimitar, * Yes, I am using Cloudflare. I followed your direction and enabled the Cache-Control in HTTP Headers to public, max-age=0. I cleared the Cloudflare cache but still have the same result. * Any other suggestions? * Thanks again for your help, * Stephen * Plugin Author [Dimitar Ivanov](https://wordpress.org/support/users/zinoui/) * (@zinoui) * [6 years ago](https://wordpress.org/support/topic/https-www-webpagetest-org-result-e/#post-12831508) * Sorry, it’s my bad but the `public` directive is not what you need. Try this: * `Cache-Control: no-store` * or * `Cache-Control: no-cache, max-age=0` * Thread Starter [auctionsavvy](https://wordpress.org/support/users/auctionsavvy/) * (@auctionsavvy) * [6 years ago](https://wordpress.org/support/topic/https-www-webpagetest-org-result-e/#post-12835040) * Hi Dimitar, * I tried both suggestions but no change in results. I did find however if I disable the WP Rocket plugin the score goes from “D” to “A”. I will submit a support ticket to WP Rocket and see if they can resolve. * Thanks again for your help and have a good weekend! * Stephen Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘https://www.webpagetest.org/ Result “E”’ is closed to new replies. * ![](https://ps.w.org/http-headers/assets/icon-128x128.png?rev=1413576) * [HTTP Headers](https://wordpress.org/plugins/http-headers/) * [Frequently Asked Questions](https://wordpress.org/plugins/http-headers/#faq) * [Support Threads](https://wordpress.org/support/plugin/http-headers/) * [Active Topics](https://wordpress.org/support/plugin/http-headers/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/http-headers/unresolved/) * [Reviews](https://wordpress.org/support/plugin/http-headers/reviews/) ## Tags * [cache](https://wordpress.org/support/topic-tag/cache/) * 4 replies * 2 participants * Last reply from: [auctionsavvy](https://wordpress.org/support/users/auctionsavvy/) * Last activity: [6 years ago](https://wordpress.org/support/topic/https-www-webpagetest-org-result-e/#post-12835040) * Status: not resolved