Security Headers | ww.wp.xz.cn

Resolved Anonymous User 14978628
(@anonymized-14978628)

8 years, 11 months ago

Hi, there is an excellent article about security headers and how to test them on keycdn website:

https://www.keycdn.com/blog/http-security-headers/

But if i use the cache enabler plugin made by keycdn none of these headers work!

Can you please whitelist all security headers asap so that this plugin can be used with them?

Thanks!

Viewing 4 replies - 1 through 4 (of 4 total)

Plugin Author KeyCDN
(@keycdn)

8 years, 11 months ago

You can achieve this with the advanced configuration snippets, which allows you to fully customize the response headers: https://www.keycdn.com/support/wordpress-cache-enabler-plugin/#advanced-configuration

Thread Starter Anonymous User 14978628
(@anonymized-14978628)

8 years, 11 months ago

ok, do i need to specifically whitelist the security headers? And if so how? As when i copied the advanced configuration section into my htaccess and tested the headers there were still no security headers present.
Plugin Author KeyCDN
(@keycdn)

8 years, 11 months ago
You need to add them as per your needs. Here an example that you can add before the snippets:
```
# Extra Security Headers
<IfModule mod_headers.c>
	Header set X-XSS-Protection "1; mode=block"
	Header always append X-Frame-Options SAMEORIGIN
	Header set X-Content-Type-Options nosniff
</IfModule>
```
Thread Starter Anonymous User 14978628
(@anonymized-14978628)

8 years, 11 months ago

That helped, thanks!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Security Headers’ is closed to new replies.

4 replies
2 participants
Last reply from: Anonymous User 14978628
Last activity: 8 years, 11 months ago
Status: resolved