Sucuri dashboard recommendations

  • Resolved sornman

    (@sornman)


    7 years, 3 months ago

    I can’t get Sucuri to properly identify the Security Headers and Server Banners for my WordPress sites. I believe the root of the issue is that Sucuri is checking the http headers (which 301 redirect to https), rather than the https headers where the site is located.

    At the top of the dasboard in the WordPress intergrity box, it lists the php version, wp version, server and version, then ‘Redirects to:’. If I am accessing the site via https, the site settings are configured to https, why is Sucuri checking the http headers?

    I have tested the site with curl -I -L domain and it shows what I believe to be what Sucuri is seeing when testing the site, using http.

    Any ideas on how to get Sucuri to properly test the site? The 301 http headers are very brief, and shouldn’t pose any security issues. The https headers contain all of the recommendations that Sucuri mentions.

  • The topic ‘Sucuri dashboard recommendations’ is closed to new replies.