Content-Security-Policy directive

Dear Community,
I have a problem with finding the solution for Content-Security-Policy directive when I scan my website with https://sitecheck.sucuri.net/results/https/www.thrillofasia.com.au that shows I need Hardening Improvements Security Headers ( Content-Security-Policy directive ) It use to working with .htaccess placing Header set Content-Security-Policy “script-src ‘none’;”

Any advice welcome, please
Thank you in advance.

Sonny

If you want to add this on Cloudflare, you can do so using a Worker script which adds that particular header.

Hi, Sandro, Can you tell me how I can do that? I will very much appreciated

You will need to create a Worker script and map that to your domain. The full documentation is at https://developers.cloudflare.com/workers/. Also keep in mind, this will be a paid feature if you exceed the free limit.

Probably the easier way is to simply re-configure your own webserver, however that would be off-topic here and best discussed at StackExchange and alike.