• I am finding this a very effective tool to help clients reach security compliance. There is one glitch I believe, however, is with the x-content-type-options. Once you enable this the only option is “nosniff”. And once enabled, there is no way to reset it. And unfortunately i believe this setting is creating errors on my site. I can’t even seem to find the line for it in my .htaccess file. Any recommendations?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Dimitar Ivanov

    (@zinoui)

    Hi @swampscrapper
    Thank you for this feedback!

    The line in your .htaccess file is:
    Header always set X-Content-Type-Options "nosniff"

    Switching the status from On to Off will remove the above line from your .htaccess file.
    Hope this helps you.

    Thread Starter swampscrapper

    (@swampscrapper)

    Thank you Dimitar! Something odd is happening with the scans then. I have tried the scan from within the plugin /options-general.php?page=http-headers&tab=inspect and after toggling to “OFF” position and the X-content-type line remains. And as well, when running the scan from securityheaders.com it also remains. Perhaps this is just a caching issue? I did check .htaccess again it did appear to be removed there. I appreciate your time.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this review.