Title: Security Header Last modified: July 6, 2024 --- # Security Header * Resolved [jimk1416](https://wordpress.org/support/users/jimk1416/) * (@jimk1416) * [1 year, 10 months ago](https://wordpress.org/support/topic/security-header-3/) * I would like to add a permissions security header to my htacess file. Can you tell me if using it like this will still allow users to search for locations near them without any issues? * ```wp-block-code Header always set Permissions-Policy: "geolocation=(self), microphone=();" ``` * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecurity-header-3%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 4 replies - 1 through 4 (of 4 total) * [farroyo](https://wordpress.org/support/users/farroyob/) * (@farroyob) * [1 year, 10 months ago](https://wordpress.org/support/topic/security-header-3/#post-17873639) * Hi there, thanks for reaching out. * I just tried adding the header you mention on my test website and the geolocation works just fine. It allows the browser to track the user’s location (asking for their consent, as expected), and also to look for other locations in the map. * However this is to be expected, since the default allowlist for geolocation is“ self”, so you are not actually restricting anything in terms of geolocation for your own website. * I hope that helps. Regards, * Thread Starter [jimk1416](https://wordpress.org/support/users/jimk1416/) * (@jimk1416) * [1 year, 10 months ago](https://wordpress.org/support/topic/security-header-3/#post-17873845) * Hey [@farroyob](https://wordpress.org/support/users/farroyob/) Thanks for your quick reply (as always)I wasn’t sure how the (self) actually worked.What if I were to use it with my domain? * ```wp-block-code Permissions-Policy: geolocation=("https://www.mywebsite.com"), microphone=() ``` * [farroyo](https://wordpress.org/support/users/farroyob/) * (@farroyob) * [1 year, 10 months ago](https://wordpress.org/support/topic/security-header-3/#post-17878079) * Hi again, * The effect of using your own domain should be the same as using self, but please pay attention, because maybe you have enabled access to your website with and without the “www.” prefix, and those are two different permissions scenarios. In that case you should add both. That is why it is more recommended to use “ self”, in my opinion it is more elegant. * Best regards, * Thread Starter [jimk1416](https://wordpress.org/support/users/jimk1416/) * (@jimk1416) * [1 year, 10 months ago](https://wordpress.org/support/topic/security-header-3/#post-17878231) * Hey [@farroyob](https://wordpress.org/support/users/farroyob/) * Understood. Great explanation. Thanks again for your time and the quick reply Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Security Header’ is closed to new replies. * ![](https://ps.w.org/wp-store-locator/assets/icon-256x256.jpg?rev=1007784) * [WP Store Locator](https://wordpress.org/plugins/wp-store-locator/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-store-locator/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-store-locator/) * [Active Topics](https://wordpress.org/support/plugin/wp-store-locator/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-store-locator/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-store-locator/reviews/) ## Tags * [headers](https://wordpress.org/support/topic-tag/headers/) * 6 replies * 2 participants * Last reply from: [jimk1416](https://wordpress.org/support/users/jimk1416/) * Last activity: [1 year, 10 months ago](https://wordpress.org/support/topic/security-header-3/#post-17878231) * Status: resolved