我修改了.htaccess
文件,如下链接所示:https://really-simple-ssl.com/site-health-recommended-security-headers/,但问题是,它仍然不工作,当我用这个在线工具分析我的网站:https://www.getastra.com/,一个继续说,我没有保护我的网站的标题。
下面是我的.htaccess文件的内容:
# Really Simple SSL
Header always set Strict-Transport-Security: "max-age=31536000" env=HTTPS
Header always set Content-Security-Policy "upgrade-insecure-requests"
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options: "SAMEORIGIN"
Header always set Expect-CT "max-age=7776000, enforce"
Header always set Referrer-Policy: "no-referrer-when-downgrade"
Header always set Permissions-Policy: ""
# End Really Simple SSL
# BEGIN WordPress
# Directives (lines) between "BEGIN WordPress" and "END WordPress" are generated
# dynamically, and should only be changed through WordPress filters.
# Any changes to directives between these markers will be overridden.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
1条答案
按热度按时间eblbsuwk1#
如果任何人仍然没有找到答案,我有同样的问题与我的网站,我试图清除我的网站的缓存使用LiteSpeedCache插件和它的工作!