[태그:] Not all recommended security headers are installed

  • Not all recommended security headers are installed

    Not all recommended security headers are installed

    WordPress recommended improvements

    Not all recommended security headers are installed

    HTTP Strict Transport Security
    Content Security Policy: Upgrade Insecure Requests
    X-XSS protection
    X-Content Type Options
    Referrer-Policy
    Expect-CT

     

    Solved

    # START security headers https://vlog.tion.co.kr/?p=1703
Header always set Strict-Transport-Security: "max-age=31536000" env=HTTPS 
Header always set Content-Security-Policy "upgrade-insecure-requests"
Header always set X-Content-Type-Options "nosniff"
Header always set X-XSS-Protection "1; mode=block"
Header always set Expect-CT "max-age=7776000, enforce"
Header always set Referrer-Policy: "no-referrer-when-downgrade"
# End security headers by TION

     

    위의 전체 항목을 복사해서 복사하면됩니다.

     

    Copy to your .haccess File.