Return to previous page

Missing security header for /wp-content/themes/xstore

This topic has 2 replies, 2 voices, and was last updated 2 years, 2 months ago ago by Tony Rodriguez

Martin

Participant

December 4, 2022 at 18:22

Hi,

I ran a security scan at sucuri.net and got strange results, pointing at

domain/wp-content/themes/xstore

Security Headers
Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors ‘none’. Affected pages:
https://www.pflanzkompass.at/wp-content/themes/xstore/

Missing security header to prevent Content Type sniffing. Affected pages:
https://www.pflanzkompass.at/wp-content/themes/xstore/

Missing Strict-Transport-Security security header. Affected pages:
https://www.pflanzkompass.at/wp-content/themes/xstore/

Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src

Do you have ideas on what means?

Thank you
Martin

#340454 Copied Theme version: 4.3.8 WooCommerce version: 7.1.0

1 Answer

Tony Rodriguez

Support staff

December 5, 2022 at 06:49

Hello, @Martin,

Actually, It’s not a theme issue it is a server configuration issue nothing else and only from the server, you will be able to fix it. Please check this article: https://www.wpbeginner.com/beginners-guide/how-to-add-http-security-headers-in-wordpress/#:~:text=Adding%20HTTP%20Security%20Headers%20in%20WordPress%20using%20Cloudflare&text=Once%20Cloudflare%20is%20active%20on,the%20%27Enable%20HSTS%27%20button. For a better reference to understand how to fix it.

Regards 8Themes Team.

#340471 Copied
Tagged: header, missing, security, themes, woocommerce, wordpress, xstore
Viewing 2 results - 1 through 2 (of 2 total)