Title: HTTP Headers Security Analyses/ Website CMS/ Expect CT
Last modified: May 20, 2020

---

# HTTP Headers Security Analyses/ Website CMS/ Expect CT

 *  [dny24](https://wordpress.org/support/users/dny24/)
 * (@dny24)
 * [5 years, 12 months ago](https://wordpress.org/support/topic/http-headers-security-analyses-website-cms-expect-ct/)
 * Bonjour Carl,
 * I also send you a Facebook message.
    You are working on nice things and I see
   we have many same interest, like Audio, Music, Synthesizers and Sounds.
 * I really like your HTTP Headers plug-in.
    Bravo !
 * I have a question how I can set the HTTP Headers Security Analyses for the following(
   missing) optional HTTP Headers (if possible in your app):
    – Access-Control-Allow-
   Origin – Public-Key-Pins – Public-Key-Pins-Report-Only
 * Do you have some tips?
 * My second question is about the PCI DSS Compliance Analyses.
    I got the message:
   Requirement 6.2: Website CMS or it’s component seem to be outdated. But requirements
   6.5 and 6.6 are both excellent. Do you know what is going on?
 * Both questions can be seen with the website tester:
    [https://www.immuniweb.com/websec](https://www.immuniweb.com/websec)
 * Last question is about the Expect CT.
    I set it to: Enforce with max-age=2592000
   That is recommended in your app. But immuniweb things this header is not properly
   set. What do you think?
 * Thanks in advantage and best regards from The Netherlands,
 * Danny Rorije
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fhttp-headers-security-analyses-website-cms-expect-ct%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

The topic ‘HTTP Headers Security Analyses/ Website CMS/ Expect CT’ is closed to 
new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/http-security.svg)
 * [HTTP headers to improve web site security](https://wordpress.org/plugins/http-security/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/http-security/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/http-security/)
 * [Active Topics](https://wordpress.org/support/plugin/http-security/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/http-security/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/http-security/reviews/)

 * 0 replies
 * 1 participant
 * Last reply from: [dny24](https://wordpress.org/support/users/dny24/)
 * Last activity: [5 years, 12 months ago](https://wordpress.org/support/topic/http-headers-security-analyses-website-cms-expect-ct/)
 * Status: not resolved