but Recomendations in Dashboard still are
This may be because your server doesn’t have the mod_headers module.
Or the results of the malware scanner are still cached, you have to wait 20 minutes for the cache to be reset, or you can reset it yourself from the “Data Storage” panel located in the plugin’ settings page. The file is called sucuri-sitecheck.php.
I delete this file, log out and login again.
This doesn’t work.
Maybe this is first reason.
How can I check my server for mod_headers module?
How can I check my server for mod_headers module?
It depends on what software you are actually using.
- If you are using the Apache web server, then execute
apachectl -M
- Other versions of Apache also allow for
apachectl -t -D DUMP_MODULES
- If you are using the Apache web server on CentOS, execute
httpd -M
- If you are using Nginx, execute
nginx -V and search _module
- Ask your hosting provider if you are using another web server
My file .htaccess is now:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
<IfModule mod_headers.c>
Header set X-XSS-Protection “1; mode=block”
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
</IfModule>
# END WordPress
Is this Ok?
Is this Ok?
Yes, it looks okay to me.
But remember that IfModule only executes the code inside if that module exists.
If you don’t have mod_rewrite or mod_headers those instructions will not work.
