리눅스맨

Not all recommended security headers are installed

WordPress recommended improvements

Not all recommended security headers are installed

HTTP Strict Transport Security
Content Security Policy: Upgrade Insecure Requests
X-XSS protection
X-Content Type Options
Referrer-Policy
Expect-CT

 

Solved

# START security headers https://vlog.tion.co.kr/?p=1703
Header always set Strict-Transport-Security: "max-age=31536000" env=HTTPS 
Header always set Content-Security-Policy "upgrade-insecure-requests"
Header always set X-Content-Type-Options "nosniff"
Header always set X-XSS-Protection "1; mode=block"
Header always set Expect-CT "max-age=7776000, enforce"
Header always set Referrer-Policy: "no-referrer-when-downgrade"
# End security headers by TION

 

위의 전체 항목을 복사해서 복사하면됩니다.

 

Copy to your .haccess File.

 

게시됨

카테고리

,

작성자

ationkr

태그: