X-Content-Type nosniff and X-XSS-Protection Missing

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter doubledworks

    (@doubledworks)

    Hummm, it appears I may not have waited long enough (30 minutes) for it to update cache or something. It seems to work now after waiting a further 30 minutes or so.

    Yes, the plugin communicates with SiteCheck [1] to scan your site looking for malware, blacklist flags, and security holes. To prevent an overflow of scans I added a code in the plugin to store the result of the latest scan during twenty minutes, after that time you can execute a new scan.

    Also, I must say that even if there is no cache some people may not be able to add these security headers in their sites because (as you can see in the code) there is a condition that checks if the “Apache Headers Module” is available [2]. If this module is not available (which is something controlled by the hosting company) then the headers will be not added.

    [1] https://sitecheck.sucuri.net/
    [2] https://httpd.apache.org/docs/current/mod/mod_headers.html

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘X-Content-Type nosniff and X-XSS-Protection Missing’ is closed to new replies.