Welcome! The AIBMS Authipay plugin now includes an exciting addition: Content Security Policy (CSP) in report-only mode. Think of it as a vigilant observer, identifying potential security threats without disrupting your site’s functionality. This guide will walk you through what this feature means for you and how to adjust it to fit your needs.
CSP report-only mode acts like a security audit, flagging up issues such as suspicious scripts without blocking them. This allows you to assess and address security vulnerabilities based on real-world data, ensuring your site remains both secure and user-friendly.
We’ve activated CSP report-only mode by default to offer you immediate security insights:
If you have specific security configurations in mind or prefer to handle things differently, you might opt to disable CSP report-only mode. Here’s how:
functions.php
file within your active WordPress theme’s directory (wp-content/themes/your-theme-name/
).
This code deactivates CSP report-only mode for your site.
Before turning off CSP report-only mode, consider the value of the insights it provides in identifying potential threats. Ensure you have a robust security strategy in place to protect your site and its visitors.
The introduction of CSP report-only mode in the AIBMS Authipay plugin is a testament to our commitment to your site’s security and efficiency. Whether you choose to utilise this feature or disable it, this guide is designed to help you navigate your options with ease and confidence.
Q: Does disabling CSP report-only mode impact my site’s security?
A: Disabling this mode means you won’t receive alerts about potential security issues, which could be invaluable for proactive security management. Ensure you have alternative security measures in place.
Q: Can I re-enable CSP report-only mode if I change my mind?
A: Yes, you can re-enable CSP report-only mode at any time by removing the CSP_BYPASS
code or setting it to false
in your functions.php
file or remove the code define(‘CSP_BYPASS’, true); .
Q: Is it essential to have another security strategy if I disable CSP?
A: Yes, maintaining a secure website is crucial. If you decide to disable CSP report-only mode, make sure you implement other security practices to safeguard your site against threats.
Was this helpful?
Our team are on hand to provide fast, helpful and professional support.
Start exploring our fully functional demo site today.
Gain exclusive admin access to see what's possible.