Translations

Are you sure you want to reset Defender's settings back to the factory defaults?

Are you sure you want to reset Defender's settings back to the factory defaults?

Increase the visibility and accessibility of elements and components of this plugin's interface to meet WCAG AAA requirements.

Increase the visibility and accessibility of elements and components of this plugin's interface to meet WCAG AAA requirements.

Enables XSS filtering. Rather than sanitizing the page, the browser will prevent rendering of the page if an attack is detected.

Enables XSS filtering. Rather than sanitizing the page, the browser will prevent rendering of the page if an attack is detected.

If a cross-site scripting attack is detected, the browser will sanitize the page (remove the unsafe parts).

If a cross-site scripting attack is detected, the browser will sanitize the page (remove the unsafe parts).

Block

Block

Sanitize

Sanitize

Deny

Deny

Sameorigin

Sameorigin

Browser Caching

Browser Caching

Include Subdomains

Include Subdomains

If this optional parameter is specified, this rule applies to all of the site's subdomains as well.

If this optional parameter is specified, this rule applies to all of the site's subdomains as well.

Note: Do not include the preload directive by default if you maintain a project that provides HTTPS configuration advice or provides an option to enable HSTS. Be aware that inclusion in the preload list cannot easily be undone. Domains can be removed, but it takes months for a change. Check <a id="hsts-info-link" target="_blank" href="%s">here</a> for more information.

Note: Do not include the preload directive by default if you maintain a project that provides HTTPS configuration advice or provides an option to enable HSTS. Be aware that inclusion in the preload list cannot easily be undone. Domains can be removed, but it takes months for a change. Check <a id="hsts-info-link" target="_blank" href="%s">here</a> for more information.

Google maintains an HSTS preload service. By following the guidelines and successfully submitting your domain, browsers will never connect to your domain using an insecure connection.

Google maintains an HSTS preload service. By following the guidelines and successfully submitting your domain, browsers will never connect to your domain using an insecure connection.

HSTS Preload

HSTS Preload

The HTTP Strict-Transport-Security response header (HSTS) lets a web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP. This is extremely important for websites that store and process sensitive information like ECommerce stores and helps prevent Protocol Downgrade and Clickjacking attacks.

The HTTP Strict-Transport-Security response header (HSTS) lets a web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP. This is extremely important for websites that store and process sensitive information like ECommerce stores and helps prevent Protocol Downgrade and Clickjacking attacks.