2 Security Header inactive if Cloudflare is active

khwebhelp · September 15, 2022, 5:28pm

Hi you all! My security headers “Permission Policy” & “Content-Security-Policy” (correctly setted inside my server hosting) ,when Cloudflare is active, start to became inactive!

lf i try to scan online every these 3 websites here: https://securityheaders.com/.
(adslovunqueflat.com - banchedati.eu mobilimalandroneintoscana.com)

before and after having Cloudflare in pause i can notice the difference.

Do you kinow which is the Cloudflare function that can give that issue?
I’ve just clean every caching setting before to write here…without results.
Thanks for your help!

fritex · September 15, 2022, 8:40pm

I’d suggest you adding the missing ones by using Transform Rules → Modify Response Header.

Helpful article:

sdayman · September 16, 2022, 1:22am

They’re not inactive. You’re just blocking those tests:

khwebhelp · September 16, 2022, 9:36am

Thank you very much for your help fritex!

khwebhelp · September 16, 2022, 9:38am

Hi sdayman and thank you too for your suggestion. Do you think that’s could als been happend due a Cloudflare asn or ip bot blocked manually by my side?

system · October 1, 2022, 9:38am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.