Security headers doesn’t seem to be active

  • Resolved torbena

    (@torbena)


    3 years, 4 months ago

    Hi
    I have installed and activated the Defender plugin.
    Under Tools I have enabled all security headers as per default settings.
    Nevertheless several “security checking tools” still claim X-Frame and X-content types are not implemented. What am I doing wrong?
    Thanks in advance.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Saurabh – WPMU DEV Support

    (@wpmudev-support7)

    Hello @torbena,

    I am sorry to know that the security features are not working for you. To narrow down to the issue and to understand that other plugins are not conflicting, could you take a backup of your site and then disable all other plugins except defender, apply security headers and then check if they work for you? If it does not work, could you please make a video grab of all the plugins disabled and then the security header check to understand more about it?

    Another thing here could be about caching. Could you brief me a bit more about how are you caching your site? Do you have a plugin to cache your site? Are you also using object & static server cache and any other type of caching on the server?
    If yes, could you please clear all the active caches on your server and then check if the same works?

    I also see that you are currently using Microsoft-IIS/10.0 or a similar server. There is a chance that some server settings could be affecting the definition of security headers too. Could you also check with the hosting team if they have something on their end which could be affecting the settings? Looking forward to hearing from you on it.

    Thank you,
    Prathamesh Palve

    Plugin Support Amin – WPMU DEV Support

    (@wpmudev-support2)

    Hello @torbena ,

    We haven’t heard from you for some time now, so it looks like you don’t have more questions for us.

    Feel free to re-open this ticket if needed.

    Kind regards
    Kasia

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Security headers doesn’t seem to be active’ is closed to new replies.