• I am finding this a very effective tool to help clients reach security compliance. There is one glitch I believe, however, is with the x-content-type-options. Once you enable this the only option is “nosniff”. And once enabled, there is no way to reset it. And unfortunately i believe this setting is creating errors on my site. I can’t even seem to find the line for it in my .htaccess file. Any recommendations?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Dimitar Ivanov


    Hi @swampscrapper
    Thank you for this feedback!

    The line in your .htaccess file is:
    Header always set X-Content-Type-Options "nosniff"

    Switching the status from On to Off will remove the above line from your .htaccess file.
    Hope this helps you.

    Thread Starter swampscrapper


    Thank you Dimitar! Something odd is happening with the scans then. I have tried the scan from within the plugin /options-general.php?page=http-headers&tab=inspect and after toggling to “OFF” position and the X-content-type line remains. And as well, when running the scan from securityheaders.com it also remains. Perhaps this is just a caching issue? I did check .htaccess again it did appear to be removed there. I appreciate your time.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this review.