Title: Only php mode
Last modified: October 3, 2019

---

# Only php mode

 *  Resolved [billy44](https://wordpress.org/support/users/billy44/)
 * (@billy44)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/only-php-mode/)
 * I have Cache Enabler and Autoptimize plugins installed, I just installed HTTP
   Headers to set security headers up, but I wanted to do this through .htaccess
   but it is only working with PHP mode, do you know why I cannot use Apache mode?
 * Thank you
    -  This topic was modified 6 years, 8 months ago by [billy44](https://wordpress.org/support/users/billy44/).
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fonly-php-mode%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 6 replies - 1 through 6 (of 6 total)

 *  Plugin Author [Dimitar Ivanov](https://wordpress.org/support/users/zinoui/)
 * (@zinoui)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/only-php-mode/#post-11994087)
 * Hi [@billy44](https://wordpress.org/support/users/billy44/)
 * Apache mode requires write permissions of the htaccess file. Can you confirm 
   that this requirement is fulfilled?
 * Also check in your htaccess for any rules from HTTP Headers plugin. They should
   be enclosed with comments like # BEGIN HttpHeaders and # END HttpHeaders.
 * Did you notice any errors when activating the Apache mode?
 *  Thread Starter [billy44](https://wordpress.org/support/users/billy44/)
 * (@billy44)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/only-php-mode/#post-12002183)
 * Hi [@zinoui](https://wordpress.org/support/users/zinoui/),
 * I confirm the following :
    – the htaccess file is readable and writeable by the
   owner (644). – All other rules in the htaccess are enclosed between # BEGIN and#
   END – No error shown when Apache mode enabled.
 * Do you have any idea why this security are not loaded? I’ve been looking through
   it for several hours now but I cannot find the solution.
 *  Plugin Author [Dimitar Ivanov](https://wordpress.org/support/users/zinoui/)
 * (@zinoui)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/only-php-mode/#post-12006142)
 * One more question – did you find any rules in the .htaccess file that are set
   from this plugin (HTTP Headers) or not?
 * If you find it, but they don’t works, this may caused by a missing Apache module,
   for example: mod_headers, mod_setenvif, mod_filter, etc.
 *  Thread Starter [billy44](https://wordpress.org/support/users/billy44/)
 * (@billy44)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/only-php-mode/#post-12008612)
 * Yes I can find the rules set from the plugin in the .htaccess
    My hosting said
   to me :
 * “It seems that the problème come from WP which doesn’t take in count the headers
   modifications. The rules you put in the .htaccess file affect the HTML and the
   CSS only.”
 * And they advise me to follow that procedure : [https://www.gracefulsecurity.com/adding-http-security-headers-to-wordpress/](https://www.gracefulsecurity.com/adding-http-security-headers-to-wordpress/).
   But this is the PHP way of doing it. And I want to do it via .htaccess.
 * Could you please help me?
 * I precise that I am on a shared hosting is there anything relates to this?
    -  This reply was modified 6 years, 8 months ago by [billy44](https://wordpress.org/support/users/billy44/).
 *  Plugin Author [Dimitar Ivanov](https://wordpress.org/support/users/zinoui/)
 * (@zinoui)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/only-php-mode/#post-12011215)
 * Since you are seeing some of the headers in the htaccess, that mean the Apache
   mode is working.
 * Now, if you want those rules to apply slightly different you need to manually
   change the FilesMatch directive.
 * If you need more guidance you need to share what exactly headers want to be applied
   to what exactly file types.
 *  Thread Starter [billy44](https://wordpress.org/support/users/billy44/)
 * (@billy44)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/only-php-mode/#post-12014122)
 * Hi Dimitar,
 * I have been in contact with my hosting support, this is the list of module installed:
 * core.c,
    event.c, http_core.c, mod_access_compat.c, mod_actions.c, mod_alias.
   c, mod_asis.c, mod_auth_basic.c, mod_auth_digest.c, mod_authn_core.c, mod_authn_file.
   c, mod_authnz_external.c, mod_authz_core.c, mod_authz_groupfile.c, mod_authz_host.
   c, mod_authz_unixgroup.c, mod_authz_user.c, mod_autoindex.c, mod_cgid.c, mod_cloudflare.
   c, mod_deflate.c, mod_dir.c, mod_env.c, mod_expires.c, mod_fastcgi.c, mod_filter.
   c, mod_headers.c, mod_htscanner2.c, mod_http2.c, mod_include.c, mod_info.c, mod_instaweb.
   cc, mod_limitipconn.c, mod_log_config.c, mod_logio.c, mod_mime.c, mod_negotiation.
   c, mod_proxy.c, mod_proxy_balancer.c, mod_proxy_connect.c, mod_proxy_http.c, 
   mod_remoteip.c, mod_reqtimeout.c, mod_rewrite.c, mod_security2.c, mod_setenvif.
   c, mod_slotmem_shm.c, mod_so.c, mod_socache_shmcb.c, mod_ssl.c, mod_status.c,
   mod_unique_id.c, mod_unixd.c, mod_userdir.c, mod_version.c, mod_watchdog.c.
 * And the support team also told me :
 * >  After discussion with our specialists, one of the reasons that the changes
   > made in the .htaccess do not affect the php, would come from the fact that 
   > we do not configure php as a module with Apache mod_php but as a server FastCGI
   > with php-fpm. I would like to refer you to this article for more details about
   > the differences between the two types of installation: [https://buzut.net/configuration-dun-serveur-linux-php/](https://buzut.net/configuration-dun-serveur-linux-php/)
 * The headers I would like are :
    Header always append X-Frame-Options SAMEORIGIN
   Header set X-XSS-Protection “1; mode=block” Header set X-Content-Type-Options
   nosniff

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Only php mode’ is closed to new replies.

 * ![](https://ps.w.org/http-headers/assets/icon-128x128.png?rev=1413576)
 * [HTTP Headers](https://wordpress.org/plugins/http-headers/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/http-headers/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/http-headers/)
 * [Active Topics](https://wordpress.org/support/plugin/http-headers/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/http-headers/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/http-headers/reviews/)

## Tags

 * [apache](https://wordpress.org/support/topic-tag/apache/)
 * [php](https://wordpress.org/support/topic-tag/php/)

 * 6 replies
 * 2 participants
 * Last reply from: [billy44](https://wordpress.org/support/users/billy44/)
 * Last activity: [6 years, 8 months ago](https://wordpress.org/support/topic/only-php-mode/#post-12014122)
 * Status: resolved