Security Headers

How to find where (unwanted) security headers are set

In some cases you may get the warning: “Header x has been set to the non-recommended value “**”, or You tried to disable “header”, but this is not possible because it is set by a third party. This means that a third party, not Really

Read More

Manually adding recommended security headers on WordPress

This article will explain how to manually add the recommended security headers to your website. For more advanced security headers or automatically add the security headers, please consider subscribing to Really Simple SSL Pro.  Security headers will add a new layer to SSL (Secure Socket

Read More

How to use the Feature Policy header

The Permissions-Policy HTTP header replaces the existing Feature-Policy header for controlling delegation of permissions and powerful features. The header uses a structured syntax, and allows sites to more tightly restrict which origins can be granted access to features. This will be released in Really Simple

Read More

Getting everything out of your security headers

When you have installed Really Simple SSL pro, you will get a bunch of new options. Users sometimes ask: “which headers should I enable, and why isn’t it all enabled by default?”. We’ll start auto enabling these as much as possible as of the next

Read More