This topic has 2 replies, 2 voices, and was last updated 2 years ago ago by Tony Rodriguez
Hi,
I ran a security scan at sucuri.net and got strange results, pointing at
domain/wp-content/themes/xstore
Security Headers
Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors ‘none’. Affected pages:
https://www.pflanzkompass.at/wp-content/themes/xstore/Missing security header to prevent Content Type sniffing. Affected pages:
https://www.pflanzkompass.at/wp-content/themes/xstore/Missing Strict-Transport-Security security header. Affected pages:
https://www.pflanzkompass.at/wp-content/themes/xstore/Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src
Do you have ideas on what means?
Thank you
Martin
Hello, @Martin,
Actually, It’s not a theme issue it is a server configuration issue nothing else and only from the server, you will be able to fix it. Please check this article: https://www.wpbeginner.com/beginners-guide/how-to-add-http-security-headers-in-wordpress/#:~:text=Adding%20HTTP%20Security%20Headers%20in%20WordPress%20using%20Cloudflare&text=Once%20Cloudflare%20is%20active%20on,the%20%27Enable%20HSTS%27%20button. For a better reference to understand how to fix it.
Regards 8Themes Team.
You must be logged in to reply to this topic.Log in/Sign up