Author: Leon Wimmenhoeve

The Authorization Header is Missing

Since WordPress 5.6 we’ve been getting reports that users get an error message like this: “The Authorization Header is Missing”. The problem appears to be that Apache does not automatically send authorization headers. If that happens, the header has to be enabled in the virtual host file. I can’t say for sure that is has anything to do with the WordPress 5.6 update, we only noted that users are reporting it since then. Please note that this has nothing to

Leon Wimmenhoeve May 10, 2021

Do I need Really Simple Security: Site Health HTTPS update versus Really Simple Security

With the release of WordPress 5.7 a new core feature was introduced. Users who already have an SSL certificate, but still have to change their URL’s from ‘HTTP’ to ‘HTTPS’ can now update their website to use SSL under the Site Health section in WordPress. But what’s the difference? And more importantly, what are the extra features from Really Simple SSL? Below you will find the differences and extra features. Really Simple SSL Changing the WordPress and Site Address to

Leon Wimmenhoeve March 13, 2021

Really Simple SSL adapts to recent WP Engine changes

So what changed? WP Engine will drop support for the root file .htaccess. This is not uncommon, and several web servers, such as NGINX, do not support htaccess, and Really Simple SSL still works. What is htaccess? The .htaccess file is a configuration file in the root of your domain that contains configurations for your webserver. Some configurations can be; Cache-control Rewriting URL’s Blocking IP Addresses Implementing HTTPS / HSTS Really Simple SSL, and WordPress as well, can use htaccess

Leon Wimmenhoeve March 4, 2021

How to use the Permission Policy header

The Permissions-Policy HTTP header replaces the existing Feature-Policy header for controlling delegation of permissions and powerful features. The header uses a structured syntax, and allows sites to more tightly restrict which origins can be granted access to features. What is the Permissions Policy header The Permission Policy header is a security header that controls which browser features can be used. Besides implementing these rules for your own content it can also prevent external iFrames from using these browser features, making

Leon Wimmenhoeve January 11, 2021

Why you should use the default plugin folder name for Really Simple Security

In some cases, you might need to change the plugin folder name: for example, if you temporarily want to deactivate the plugin. Or, if you are beta testing the current GitHub version. We recommend changing the folder name back to “really-simple-ssl” when you are activating the plugin. The most important reason for this is, that if you would want to deactivate, but keep https, the plugin will bypass the normal deactivation process, and simply remove the “really-simple-ssl” plugin from the

Leon Wimmenhoeve December 30, 2020

Recent

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Our journey towards Really Simple Security

Categories

Most popular