WordPress.org

Profiles

  • Member Since: February 15th, 2014
  • Location: Exeter, UK
  • Website: waters.me
  • Find me on:
  • Posted a reply to Error parsing header X-XSS-Protection, on the site WordPress.org Forums:
    Looks like it is nginx appending its value to the header set by the plugin.…

    7 months ago

  • Posted a reply to Error parsing header X-XSS-Protection, on the site WordPress.org Forums:
    Can you explain where you see the error, what page, what browser etc. Looks like…

    7 months ago

  • Posted a reply to Headers Supported, on the site WordPress.org Forums:
    The plug-in doesn't try and address Content-Security-Policy, as this would require adjustments for themes and…

    7 months ago

  • Posted a reply to Plugin doesn’t save settings!, on the site WordPress.org Forums:
    For preload they have specific requirements for the superdomain "digitalmnemes.it" as stated on thepage you…

    8 months ago

  • Posted a reply to Plugin doesn’t save settings!, on the site WordPress.org Forums:
    Hi, it looks like you have WordPress 5.2.3, I tried on recent WordPress and the…

    8 months ago

  • Committed [2039925] to Plugins Trac:
    Tested to 5.1

    1 year ago

  • Posted a reply to save button does not work?, on the site WordPress.org Forums:
    Okay I've pushed 1.1 which fixes the missing close anchor tag which is the cause…

    1 year ago

  • Committed [2039916] to Plugins Trac:
    Correct missing close tag which broken save button in recent WordPress

    1 year ago

  • Posted a reply to save button does not work?, on the site WordPress.org Forums:
    Embarrassingly no, looks like it broke in a recent update to WordPress, as my blog…

    1 year ago

  • Posted a reply to Access Denied, on the site WordPress.org Forums:
    The error sounds line MOD_SECURITY, which applies rules to requests to deny them. Alas because…

    2 years ago

  • Posted a reply to GDPR – Any website visitor personal data collected by plugin?, on the site WordPress.org Forums:
    Thanks for the question. The plugin is currently entirely self contained, and there is no…

    2 years ago

  • Posted a reply to A new security header: Feature Policy, on the site WordPress.org Forums:
    Good question, and thanks for asking. I haven't reached a view on it yet. I've…

    2 years ago

  • Posted a reply to Dosent have any affect?, on the site WordPress.org Forums:
    Glad to hear you resolved it. I will review the documentation, it all exists, but…

    2 years ago

  • Posted a reply to fantastic plugin but how to allow vimeo pro videos to show ..”, on the site WordPress.org Forums:
    Not sending referrer headers is common, so I don't think it signals anything bad. Yes,…

    2 years ago

  • Posted a reply to fantastic plugin but how to allow vimeo pro videos to show ..”, on the site WordPress.org Forums:
    Referrer policy setting can break Vimeo domain privacy by suppressing Referer header.

    2 years ago

  • Posted a reply to fantastic plugin but how to allow vimeo pro videos to show ..”, on the site WordPress.org Forums:
    Don’t sweat it. There is no downgrade, so the Referer header is sent, this allows…

    2 years ago

  • Posted a reply to fantastic plugin but how to allow vimeo pro videos to show ..”, on the site WordPress.org Forums:
    Hi, sorry missed your first response, perils of shuffling this plugin to my personal account.…

    2 years ago

  • Committed [1937977] to Plugins Trac:
    Remove Surevine Reference

    2 years ago

  • Posted a reply to fantastic plugin but how to allow vimeo pro videos to show ..”, on the site WordPress.org Forums:
    It may be that you have approved connections to Vimeo from http://yourdonain rather than https://yourdomain…

    2 years ago

  • Posted a reply to fantastic plugin but how to allow vimeo pro videos to show ..”, on the site WordPress.org Forums:
    Can you share a link to the site, or a test site? Nearly every time…

    2 years ago

  • Posted a reply to activated but not seeing results in test, on the site WordPress.org Forums:
    You seem to have posted this on someone else’s ticket. Please open your own. Please…

    2 years ago

  • Posted a reply to activated but not seeing results in test, on the site WordPress.org Forums:
    One of the plugins had a textbox where you listed HTTP headers to cache. Anything…

    2 years ago

  • Posted a reply to activated but not seeing results in test, on the site WordPress.org Forums:
    See the discussion under "caching plugin". https://wordpress.org/support/topic/caching-plugin-7/ But when I looked at closer at caching…

    2 years ago

  • Posted a reply to Update 1.0 Login Failure (not wp-login.php), on the site WordPress.org Forums:
    The line registering an action for login_init is the change of note. You can comment…

    2 years ago

  • Posted a reply to Multisite network configuration?, on the site WordPress.org Forums:
    Sorry for delay, had a brief look around and found little about multi-site support, so…

    2 years ago

  • Posted a reply to wp-login.php, on the site WordPress.org Forums:
    Added to source code repository for 1.0 release.

    2 years ago

  • Posted a reply to Does this work with W3 Total Cache?, on the site WordPress.org Forums:
    Okay gave this a brief try. Looks like this plugin offers HSTS setting of its…

    2 years ago

  • Created a topic, wp-login.php, on the site WordPress.org Forums:
    As author it was noted in another forum the wp-login.p…

    2 years ago

  • Posted a reply to Does this work with W3 Total Cache?, on the site WordPress.org Forums:
    Not tried it. Looks like the expectation is caching plugins should also cache headers but…

    2 years ago

  • Posted a reply to Block website redirection, on the site WordPress.org Forums:
    No, this is not the way to fix malicious plugins. Some plugins were recently sold…

    2 years ago

  • Posted a reply to Multisite network configuration?, on the site WordPress.org Forums:
    Hi Michael, I can see that could be painful, I will have to go learn…

    3 years ago

  • Posted a reply to XSS protection function, on the site WordPress.org Forums:
    Hi, WordPress applies different filters to these fields depending on your role. If you are…

    3 years ago

  • Committed [1721364] to Plugins Trac:
    update tested to 4.8.1

    3 years ago

  • Committed [1721363] to Plugins Trac:
    add requires php 5.6

    3 years ago

  • Wrote a comment on the post Hello everyone, some of you…, on the site Make WordPress Plugins:
    Have they disabled unencrypted access to WordPress Subversion repositories yet? I reported that the invite…

    3 years ago

  • Committed [1683489] to Plugins Trac:
    Tested to 4.8

    3 years ago

  • Posted a reply to Excellent, on the site WordPress.org Forums:
    Thanks for the feedback. There are a couple of newer security headers I will look…

    3 years ago

  • Posted a reply to Caching Plugin, on the site WordPress.org Forums:
    It was throw away comment in announcement for this plugin. https://waters.me/wordpress/wordpress-plugin-security-headers/ It does depend what…

    3 years ago

  • Posted a reply to Caching Plugin, on the site WordPress.org Forums:
    Yes, in most cases you can use it with a caching plugin. It would depend…

    3 years ago

  • Posted a reply to Removing STS once implemented, on the site WordPress.org Forums:
    You can deploy HSTS without "includeSubdomains", but you lose the benefits of it protecting your…

    3 years ago

  • Posted a reply to Removing STS once implemented, on the site WordPress.org Forums:
    The default is "empty" resulting is no HSTS header. Empty (literally delete everything from the…

    3 years ago

  • Posted a reply to PushCrew and Facebook Live Chat not working, on the site WordPress.org Forums:
    Hi, sorry you are having trouble. In most cases the quickest and easiest route to…

    3 years ago

  • Posted a reply to Problems installing, on the site WordPress.org Forums:
    You should see an entry "HTTP Headers" under "Settings" entry when logged in where you…

    3 years ago

  • Posted a reply to content security policy, on the site WordPress.org Forums:
    This didn't make 0.9. I'm still not convinced a meaningful CSP is workable with WordPress.…

    3 years ago

  • Posted a reply to Is the X-XSS-Protection header’s syntax valid?, on the site WordPress.org Forums:
    Done

    3 years ago

  • Committed [1598370] to Plugins Trac:
    Remove trailing semi-colon

    3 years ago

  • Committed [1598359] to Plugins Trac:
    0.9 release

    3 years ago

  • Posted a reply to Problem with Strict-Transport-Security, on the site WordPress.org Forums:
    Reverse proxy is a device a web hosting company places in front of web servers…

    3 years ago

  • Posted a reply to Problem with Strict-Transport-Security, on the site WordPress.org Forums:
    Yes, security headers wants a bigger max-age. Since the browser remembering to use HTTPS for…

    3 years ago

  • Posted a reply to Problem with Strict-Transport-Security, on the site WordPress.org Forums:
    I see orange (not red) for STS and max-age=300. So I think it worked. I…

    3 years ago