• Resolved margomm

    (@margomm)


    Hello!
    After the last update, it became possible to enable Cache headers.
    I cannot understand, I have to turn it on or not.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support Patrick – WPMU DEV Support

    (@wpmudevsupport12)

    Hi @margomm

    The headers are related to security headers for example,

    In case you use a protection plugin like our Defender plugin https://wordpress.org/plugins/defender-security/ it will apply the security headers for your website, some plugins cache doesn’t include those headers on the caching making the protection useless when the browser renders the cached version, however, on the new Hummingbird plugin we allow users to enable this.

    In case you are using this protection tool, it is a nice idea to enable the feature too.

    Let us know if you have any additional question on this.
    Best Regards
    Patrick Freitas

    Thread Starter margomm

    (@margomm)

    1. If I install your Defender plugin, do I need to enable Cache headers?

    2. I have specified security headers in .htaccess without additional plugin.
    Do I need to enable Cache headers in Hummingbird?

    This is what I pointed out in .htaccess:
    #
    <IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/javascript text/css application/x-javascript
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4.0[678] no-gzip
    BrowserMatch bMSIE !no-gzip !gzip-only-text/html
    <ifmodule mod_gzip.c>
    mod_gzip_on Yes
    mod_gzip_item_include file \.js$
    mod_gzip_item_include file \.css$ </ifmodule>
    </IfModule>
    # img,js, css
    FileETag MTime Size
    <ifmodule mod_expires.c>
    <filesmatch “.(jpg|gif|png|css|js)$”>
    ExpiresActive on
    ExpiresDefault “access plus 1 month”
    </filesmatch>
    </ifmodule>
    # Extra Security Headers
    <IfModule mod_headers.c>
    Header set X-XSS-Protection “1; mode=block”
    Header always append X-Frame-Options SAMEORIGIN
    Header set X-Content-Type-Options nosniff
    Header set Strict-Transport-Security “max-age=31536000” env=HTTPS
    </IfModule>
    #
    <FilesMatch “^.*(error_log|wp-config\.php|php.ini|\.[hH][tT][aApP].*)$”>
    Order deny,allow
    Deny from all
    </FilesMatch>
    #
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^wp-admin/includes/ – [F,L]
    RewriteRule !^wp-includes/ – [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ – [F,L]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F,L]
    RewriteRule ^wp-includes/theme-compat/ – [F,L]
    </IfModule>
    #
    Options +FollowSymLinks
    RewriteEngine On
    RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})
    RewriteRule ^(.*)$ index.php [F,L]
    # PHP
    <IfModule mod_headers.c>
    Header unset X-Powered-By
    Header unset Server
    </IfModule>
    # xmlrpc
    <Files xmlrpc.php>
    Order Allow,Deny
    Deny from all
    </Files>
    # htaccess
    <Files .htaccess>
    order allow,deny
    deny from all
    </Files>
    #
    RewriteCond %{QUERY_STRING} author=d
    RewriteRule ^ /? [L,R=301]

    Plugin Support Dimitris – WPMU DEV Support

    (@wpmudev-support6)

    Hello @margomm

    Caching security headers has nothing to do with the origin of them (plugin or manual method), but it has to do with the fact that the caching module is able to include these in the cached copies of pages. So if you want these security headers in the cached pages, you enable that option.

    Thank you,
    Dimitris

    Thread Starter margomm

    (@margomm)

    Thanks! I realized.
    I love Hummingbird!

    Plugin Support Patrick – WPMU DEV Support

    (@wpmudevsupport12)

    Hi @margomm

    We are happy to hear you like the plugin.

    Feel free to let us know if you have any additional question.

    Best Regards
    Patrick Freitas

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.