This topic has 9 replies, 3 voices, and was last updated 4 months, 3 weeks ago ago by Luca Rossi
Shop page not loading
Hrngift.com
It’s very urgent can some one check
Hello,
We’ve re-saved WooCommerce plugin settings on your site. Please check now.
Warm Regards,
The 8Theme Team
I want to use security headers as soon as i use them the shop page vanishes
# Add Strict Transport Security
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</IfModule>
# Add Content Security Policy
<IfModule mod_headers.c>
Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';"
</IfModule>
# Add X-Frame-Options
<IfModule mod_headers.c>
Header always set X-Frame-Options "SAMEORIGIN"
</IfModule>
# Add X-Content-Type-Options
<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
</IfModule>
# Add Referrer Policy
<IfModule mod_headers.c>
Header set Referrer-Policy "no-referrer-when-downgrade"
</IfModule>
# Add Permissions Policy
<IfModule mod_headers.c>
Header set Permissions-Policy "geolocation=(self), microphone=()"
</IfModule>
Dear Sam Aulakh,
We hope this message finds you well. We wish to inform you that certain mod_headers are not permitted by your hosting provider. We recommend that you reach out to your hosting provider’s support team for further assistance regarding this matter.
Thank you for your attention to this issue. Should you have any more questions or require further assistance, please do not hesitate to contact us.
Best Regards,
The 8Theme Team
my team sent this from server side
Hello,
You can get the list of modules they want to allow in mod sec, so we can compare the rules and let you know.
Regards,
Ralph | Level- 3 Tech Support Engg.
Dear @Aulakh, Sam,
In this case, you just need to send the .htaccess content to your hosting provider support. They will know which modules need to be activated:
# Add Strict Transport Security
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</IfModule>
# Add Content Security Policy
<IfModule mod_headers.c>
Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';"
</IfModule>
# Add X-Frame-Options
<IfModule mod_headers.c>
Header always set X-Frame-Options "SAMEORIGIN"
</IfModule>
# Add X-Content-Type-Options
<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
</IfModule>
# Add Referrer Policy
<IfModule mod_headers.c>
Header set Referrer-Policy "no-referrer-when-downgrade"
</IfModule>
# Add Permissions Policy
<IfModule mod_headers.c>
Header set Permissions-Policy "geolocation=(self), microphone=()"
</IfModule>
This is the server side change, nothing to do on our XStore theme or XStore Core plugin.
Thank for understanding!
Best Regards,
The 8Theme Team
You must be logged in to reply to this topic.Log in/Sign up