Content-Security-Policy directive

Dear Community,
I have a problem with finding the solution for Content-Security-Policy directive when I scan my website with that shows I need Hardening Improvements Security Headers ( Content-Security-Policy directive ) It use to working with .htaccess placing Header set Content-Security-Policy “script-src ‘none’;”

Any advice welcome, please
Thank you in advance.


If you want to add this on Cloudflare, you can do so using a Worker script which adds that particular header.

Hi, Sandro, Can you tell me how I can do that? I will very much appreciated

You will need to create a Worker script and map that to your domain. The full documentation is at Also keep in mind, this will be a paid feature if you exceed the free limit.

Probably the easier way is to simply re-configure your own webserver, however that would be off-topic here and best discussed at StackExchange and alike.

This topic was automatically closed after 30 days. New replies are no longer allowed.