Bot Fight mode Removing Security headers

Hi, I’m no developer but i’ll try to explain it as best as I can

I make a website with WordPress and I added a few security headers to my .htaccess file untill my rating on securityheaders.com was A. all 6 out of 6 headers were properly implemented.

After activating Bot Fight mode some issues started on the site and the Security Headers are not showing anymore and I get an F as the score in Securityheaders.com

why could that be? How do I not lose the functionality of an important tool like Bot fight mode?

Bot Fight Mode doesn’t remove headers.

SecurityHeaders is probably getting blocked by Bot Fight Mode, so it’s not actually reaching your site.

1 Like

What does it mean?
I also get 403 error 50% of the time when trying to access my admin area.
as well as some weird error I’ve never seen before.

It means that Security Headers, like many scanners, is considered to be a Bot. If you want to scan your site, you should disable Bot Fight Mode before you scan. Then turn it back on when you’re done.

I still get an F score which shows 1/6 security headers, so the bot is able to scan my site.
I also found a few options in CF that lets me enable to more going to a total of 3/6

unless the bot scanner can still only scan some of it, which is why it still shows some results but not all of them?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.