| CARVIEW |
Home / Plugin: BulletProof Security / Where to add the Header in BPS
Hello,
I have a question, regarding the Sec Header. Where in BPS do I have to add the Code?
add_header X-XSS-Protection “1; mode=block”;
Thx
best regards
If you have NGINX you would use: add_header.
If you have Apache you would use: Header set
You would add your Header code in this BPS Root Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
Click the Save Root Custom Code button.
Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.
If your website crashes due to your server not allowing your Header code or if your are using the wrong Header code for your server type then delete your Root htacess file using FTP. Then either correct your Header code in BPS Custom Code or just delete it.
You may be interested in using this additional security protection code > https://forum.ait-pro.com/forums/topic/mime-sniffing-data-sniffing-content-sniffing-drive-by-download-attack-protection/
Most likely you have an Apache server type if htaccess files are working on your website. So the NGINX code you posted above will crash your website.
Thanks for the Information!
Best regards
Yep, no problem. I forgot to mention that the first link I posted above has really good information about Security Headers, but the author of that post is explaining how to add the Apache code in the server .conf file. You can do the same thing in an htaccess file instead of adding the code in the server .conf file. For NGINX you would have to add Security Header code in the NGINX .conf file.
The topic ‘Where to add the Header in BPS’ is closed to new replies.
