Meet Really Simple SSL 6
Meet Really Simple SSL Our major release Really Simple SSL 7 is coming soon. Pricing Really Simple SSL 6 is coming! Join our Beta Release Program. Learn more 5+ Million Happy Users Awesome Support Easy Configuration for Complex Features By WordPress & Security Experts Really Simple SSL 6 5/5 out 7000+ reviews 5/5 Hardening Advanced WordPress tweaks Fortify your website Always in the background Keep WordPress fortified and safe by tackling its weaknesses. Hardening features are available in Really
About the Security Scan
In the last five years, Really Simple Security has positioned itself as one of the leading authorities on Security Headers in WordPress. We gave talks about the importance of Security Headers on WordCamp Europe, and have always aspired to give everyone in the (WordPress) ecosystem an easy way to configure Security Headers as it’s a fundamental part of securing the web for everyone. We have relied on securityheaders.com for a while to quickly access a list of available Security Headers
How to set Security Headers on Apache and NGINX
Below we will discuss the challenges and solutions of setting security headers in a WordPress environment. Methods for setting http security headers There are different ways to set security headers on both Apache and Nginx. Usually, security headers on Apache are set in the .htaccess file in the root of your WordPress installation, for Nginx servers they are usually set in the nginx.conf file. Some servers combine Nginx and Apache so they can be set in either of those files.
How to find where (unwanted) security headers are set
In some cases you may be unable to change a security header from within Really Simple Security because the settings is disabled. You may even get the following warning in the Really Simple Security dashboard: “The … security header is not set by Really Simple Security but has a non-recommended value: “…” This means that the header was set by other means, sometimes incorrectly or with non-recommended values. If we find an incorrectly set header or a header that is
Does Really Simple Security affect Page Speed?
When you’ve activated Really Simple Security on your site, in some cases you might notice your site has become slower: this is not caused by the plugin! I specifically built this plugin to be fast: most of the work is done in the back-end, which doesn’t harm your performance. First, take a look at this independent test: https://plugintests.com/plugins/really-simple-ssl/latest. You will see the test indicates that page speed impact is “insignificant”. This is what I found as well when testing for speed.