After migrating my website from Joomla 3.10.3 to Joomla 4.0.4 I see the following Post Installation Message.
HTTP Security Headers
Since version 4.0.0
Joomla! comes with a built-in set of tools that help you to handle http security headers. These headers help your browser for example to protect your website from XSS and Clickjacking attacks.
You can find more details in the HTTP Header Management Tutorial in the Joomla! Documentation.
LINK: Enable Default Security Headers.
The LINK activates the System - HTTP Headers Plugin.
This enables adding security headers as well as SSL Redirect as well as HSTS.
I am using Admin Tools + Htaccessmaker.
MyJoomla audit shows that all security headers, SSL Redirect and HSTS are OK without enabling the above plugin.
Should website users, who use Admin Tools Htaccessmaker + confirm all security headers are OK using MyJoomla, ignore this new plugin?
Rather than configure and publish it (duplication?).
Thanks you for your support.
|Joomla! version (in x.y.z format)||4.0.4|
|PHP version (in x.y.z format)||7.4|
|Admin Tools version (x.y.z format)||9.0.8|