- This topic has 7 replies, 3 voices, and was last updated 3 years, 11 months ago by
.
-
Posts
-
Hi.
I have no idea how I go about fixing this. I just performed a web page speed test at Web Page Test
and it told me that every is really good except for my security which scores an “F”
Is there something I can do to improve that? It suggests that I fix by signing up for snyk. I have no idea what that is.Is there something that I can edit in the theme to fix this problem or do I need this software?
Web Page Test Result
Web Page Test Result MeaningThanks,
Regards
Alan
Customer Support
Hi Alan,
You can improve this by installing a security plugin. Plugins generally add the necessary security headers to your site so you don’t have to manually write it yourself. 😀
As for recommendations, the most famous of the bunch is Sucuri or Wordfence.
Hi Elvin
That’s strange then because I have already got Wordfence installed. I will check my settings.
Thanks
Alan
No problem. 😀
I still haven’t managed to solve this issue. I’ve got wordfence security but there don’t appear to any settings in there that will fix this.
I found this on another website but I really would like to know if this is safe
It suggests to add this to the .htaccess file
Header always append X-Frame-Options DENY Header set X-Content-Type-Options nosniff Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS Header always set X-XSS-Protection "1; mode=block" Header set Content-Security-Policy "script-src 'unsafe-inline' 'unsafe-eval' http: https:"Is there a better way? I would prefer not to add another plugin if possible
Thanks
Customer Support
Hi there,
best thing would be to speak with your host regarding this, as those are all server level functions. They will be best placed to advise on what ‘can/should’ be done, and they may already have some prebuilt configs that can be applied to your site.
Thanks David. I have contacted my host about this.
Hope they can help 🙂
- You must be logged in to reply to this topic.