Security

  • Alex

    (@expofield)


    6 years, 4 months ago

    Hello, guys!
    I want to ask is this code okay for a header?

    <system.webServer>

    <httpProtocol>

    <customHeaders>

    <add name=”X-XSS-Protection” value=”1; mode=block” />

    </customHeaders>

    <add name=Header set X-XSS-Protection “1; mode=block” />

    <customHeaders>

    </httpProtocol>

    </system.webServer>

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    6 years, 4 months ago

    I don’t understand what you’re asking. Please explain the context of your question.

    Thread Starter Alex

    (@expofield)

    6 years, 4 months ago

    I need to put X-XSS-Protection” value=”1; mode=block / Header set X-XSS-Protection “1; mode=block in the headers. I need a code to do it without showing in the header of the theme. I found that code on the internet. There were some points (…) after the first and before the last </system.webServer> , but they appeared in the theme, so I removed them. Could you please tell me if my code is properly written and if not, how it should look. Again, I say, I want it in the headers codes. Thank you indeed! I appriciate your help.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    6 years, 4 months ago

    None of that belongs in the header of your site. They appear to be lines to be added to your web server config files.

    Use a plugin to modify your WP output: https://wordpress.org/plugins/search/headers+xss/

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Security’ is closed to new replies.