Andrea Ferro
Forum Replies Created
-
Ciao Paolo,
Thank you for using the plugin and for opening this topic. I ask you to help you in the best possible way if the logs show some error related to the plugin?
In this way I can rule out a part of the errors I remain available.
Forum: Plugins
In reply to: [Headers Security Advanced & HSTS WP] Duplicate headersHi @argusnet,
You’re right, this is not a security issue but it’s a common scenario.
What you’re seeing happens because your hosting provider (or a CDN/proxy in front of your server) is already setting some basic security headers, and then the plugin adds its own. The result is duplicate headers.
The reason securityheaders.com doesn’t show duplicates is that it typically only reads the first or last occurrence of each header, while Chrome DevTools shows everything that’s actually being sent.
To fix this: Go to Settings > Headers Security Advanced & HSTS WP, then scroll to the “Hide duplicate headers” section. There you can check the boxes for the headers that are being duplicated, the plugin will then avoid setting those specific headers, letting your hosting’s configuration take precedence (or vice versa, depending on your preference).
Let me know if you need any help identifying which headers are coming from whereForum: Plugins
In reply to: [Headers Security Advanced & HSTS WP] First went to A+ now grade C.hi @basz85,
Don’t worry during the holidays there’s always a lot to organize I understand 😁
For me no problem I’ll write you here what you should check on the site that is not updating the grade.
I’ll describe some steps to check because as long as your hosting overwrites some rules.
- In the menu on the left click on: settings > Headers Security Advanced &HSTS WP > check that there are no ticks on hide duplicate headers
- Always check in settings > Headers Security Advanced & HSTS WP > that HSTS is checked (includeSubDomains, Preload)
If you use cloudflare or third-party services I ask you to delete or force the cache.
I remain available to help you as soon as possible with your website.
Forum: Plugins
In reply to: [Headers Security Advanced & HSTS WP] First went to A+ now grade C.hello @basz85 ,
Thank you for your topic, I’m Andrea and I’ll help you with your request. I ask you if you can write to me at [email protected] so that I can ask you for information and help you in the fastest way.
Hi @boxhamster,
Thanks for your reply. I saw you’d found the solution in a previous thread where I’d replied. I’ve reposted the solution since this thread is more recent.
Regarding your note about onboarding: thank you, that’s very valuable feedback 🙏
I’m currently improving the plugin’s documentation and interface to better explain this and guide users when enabling more stringent and custom rules.If you write to me at [email protected] I can help you verify the problem as quickly as possible.
hi @boxhamster,
Grazie per aver aperto questo topic. Sono Andrea e ti aiuterò nella tua richiesta.
To customize the CSP headers / rules you can do it directly in the settings > Headers Security Advanced & HSTS WP.
The alerts are not serious, I usually configure if I need the CSPs and then I don’t worry about the alerts.
Once you have obtained the CSP rules from one of the tools, follow these steps to add them using the “Headers Security Advanced & HSTS WP” plugin:
- Access the Plugin Settings:
- In your WordPress website, log in to the administration area and navigate to the installed plugins section.
- Find and click on the “Headers Security Advanced & HSTS WP”plugin to access its settings.
- Configure the CSP Header:
- Inside the plugin settings, look for the “CSP Header” option and click on it to open the CSP rules configuration section.
- Paste the CSP Rules:
- In the CSP Header section, you’ll find a field where you can paste the CSP rules generated previously by the tool.
- Paste the rules into the designated field, ensuring they are correctly formatted.
- Save the Changes:
- After pasting the CSP rules, click on “Save” or “Update” to apply the changes.
The topic you found is very detailed where I explained everything but if you have any problems or want more information you can also use [email protected]
Forum: Plugins
In reply to: [Headers Security Advanced & HSTS WP] Ezoic ads are not displaying properlyIn the meantime go to the plugin settings > then look at the CSP entry and see if you find this, otherwise delete the contents of that and save
View post on imgur.com
Forum: Plugins
In reply to: [Headers Security Advanced & HSTS WP] Ezoic ads are not displaying properlyou should solve it this way, you can also write to me at the email below to speed up the resolution. If you encounter problems, to force the bug fix, uninstall and reinstall the plugin.
New update 5.2.4 available
With version 5.2.4, I have definitively resolved various issues reported by users, improved compatibility, and optimized the management of security policies generated by the plugin.
To ensure that all changes are applied correctly, I recommend deactivating and reactivating the plugin after the update.
- puoi contattarmi anche su [email protected]
This step allows the system to rebuild the necessary files and fully apply the new settings.
Thank you for your support and for your reports, which have allowed us to improve the plugin
Forum: Plugins
In reply to: [Headers Security Advanced & HSTS WP] Trouble logging in via MainWPhi @ebedo,
I understand if you write to me at the e-mail above I can give you direct and fast support
Forum: Plugins
In reply to: [Headers Security Advanced & HSTS WP] Trouble logging in via MainWPhi @ebedo,
Version 5.2.4 has fixed the bug issues. To force it, you would need to either disable and re-enable it, as you seem to have done, or uninstall and reinstall it.
You can also contact me at [email protected] for direct and fast support.
ou should solve it this way, you can also write to me at the email below to speed up the resolution. If you encounter problems, to force the bug fix, uninstall and reinstall the plugin.
I see the site online: https://xn--die-gnstige-immobilie-dic.de/New update 5.2.4 available
With version 5.2.4, I have definitively resolved various issues reported by users, improved compatibility, and optimized the management of security policies generated by the plugin.
To ensure that all changes are applied correctly, I recommend deactivating and reactivating the plugin after the update.
- puoi contattarmi anche su [email protected]
This step allows the system to rebuild the necessary files and fully apply the new settings.
Thank you for your support and for your reports, which have allowed us to improve the plugin
- This reply was modified 4 months, 2 weeks ago by Andrea Ferro.
hi @prolet ,
It was a pleasure hearing from you again and helping you.
Hi @prolet
You should solve it this way, you can also write to me at the email below to speed up the resolution. If you encounter problems, to force the bug fix, uninstall and reinstall the plugin.
New update 5.2.4 available
With version 5.2.4, I have definitively resolved various issues reported by users, improved compatibility, and optimized the management of security policies generated by the plugin.
To ensure that all changes are applied correctly, I recommend deactivating and reactivating the plugin after the update.
- puoi contattarmi anche su [email protected]
This step allows the system to rebuild the necessary files and fully apply the new settings.
Thank you for your support and for your reports, which have allowed us to improve the plugin
- This reply was modified 4 months, 2 weeks ago by Andrea Ferro.
Forum: Plugins
In reply to: [Headers Security Advanced & HSTS WP] Last Update breaks Ecwid shopping cartHi @2twins,
New update 5.2.4 available
With version 5.2.4, I have definitively resolved various issues reported by users, improved compatibility, and optimized the management of security policies generated by the plugin.
To ensure that all changes are applied correctly, I recommend deactivating and reactivating the plugin after the update.
- puoi contattarmi anche su [email protected]
This step allows the system to rebuild the necessary files and fully apply the new settings.
Thank you for your support and for your reports, which have allowed us to improve the plugin
Hi @marcinek28,
For more information, please contact me by email at [email protected] so that I can help you resolve this very strange issue.
I remain at your disposal @marcinek28