Upgrade Insecure Requests

  • Resolved ufpst

    (@ufpst)


    2 years, 3 months ago

    I have three sites running Really Simple SSL. I have the same .htacess file running across the same site (same contents, different for each instance).

    On two of the sites, I am passing all the site health checks and there are no issues at all.

    On just one of the sites, I am being told I need to: Upgrade Insecure Requests

    But I have this line included: Header always set Content-Security-Policy “upgrade-insecure-requests”

    Is there anything more I can do?

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support jarnovos

    (@jarnovos)

    Hi @ufpst,

    You have added the header correctly. I tested the attached website by entering the URL of your website in this testing tool (SecurityHeaders.com) which correctly returns the Content-Security-Policy header with the value: “upgrade-insecure-requests”.

    I therefore suspect that the Site Health notice concerning this security header is cached. Could you try if re-saving the Really Simple SSL settings resolves the issue?

    Kind regards,
    Jarno

    • This reply was modified 2 years, 3 months ago by jarnovos.
    Thread Starter ufpst

    (@ufpst)

    Hey @jarnovos,

    Well thank you for that – that resolved it!!

    Thanks so much for the support!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Upgrade Insecure Requests’ is closed to new replies.