Author: Leon Wimmenhoeve
Really Simple Security adapts to recent WP Engine changes
So what changed? WP Engine will drop support for the root file .htaccess. This is not uncommon, and several web servers, such as NGINX, do not support htaccess, and Really Simple Security still works. What is htaccess? The .htaccess file is a configuration file in the root of your domain that contains configurations for your webserver. Some configurations can be; Cache-control Rewriting URL’s Blocking IP Addresses Implementing HTTPS / HSTS Really Simple Security (and WordPress as well) can use the
How to use the Permissions Policy header
The Permissions Policy HTTP header replaces the existing Feature Policy header for controlling delegation of permissions and powerful features. The header uses a structured syntax, and allows sites to more tightly restrict which origins can be granted access to features. What is the Permissions Policy header The Permissionas Policy header is a security header that controls which browser features can be used. Besides implementing these rules for your own content it can also prevent external iFrames from using these browser
Why you should use the default plugin folder name for Really Simple Security
In some cases, you might need to change the plugin folder name: for example, if you temporarily want to deactivate the plugin. Or, if you are beta testing the current GitHub version. We recommend changing the folder name back to “really-simple-ssl” before you activate the plugin. The most important reason for this is that all of the deactivation methods (while retaining HTTPS) work correctly. To rename the plugin folder, please go to a File Manager or FTP client, then navigate
Manually adding recommended security headers on WordPress
This article will explain how to manually add the recommended security headers to your website. For more advanced security headers or automatically add the security headers, please consider subscribing to Really Simple Security Pro. Security Headers add important additional protection for visitors of your website. The security headers Security headers are instructions your web server sends to a visitor’s browser. They tell the browser how to safely handle your site, which domains can load content, whether the page can be
Why is my site still not secure?
Really Simple Security is designed to enable SSL with one click. It couldn’t be any easier! For over 95% of sites that install Really Simple Security, this one click will do the trick. While you are here, I suppose that you are one of the other 5%. Don’t worry, we’re here to help! In this article we’ll summarize the most common issues, along with instructions on how to solve these issues. Please note: The extensive site scan & fixer included