rebase from live enviornment

2024-01-09 22:14:20 -05:00
parent ff0b49a046
commit 3a22fcaa4a
15968 changed files with 2344674 additions and 45234 deletions
--- a/wp/mu-plugins/cache-control.php
+++ b/wp/mu-plugins/cache-control.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * Exclude Campaign cron from cache
+ */
+
+$regex_path_patterns = array(
+  '#^/iper_cron/?#',
+);
+
+foreach ($regex_path_patterns as $regex_path_pattern) {
+  if (preg_match($regex_path_pattern, $_SERVER['REQUEST_URI'])) {
+    add_action( 'send_headers', 'add_header_nocache', 15 );
+
+    break;
+  }
+}
+function add_header_nocache() {
+      header( 'Cache-Control: no-cache, must-revalidate, max-age=0' );
+}
--- a/wp/mu-plugins/security-headers.php
+++ b/wp/mu-plugins/security-headers.php
@@ -0,0 +1,28 @@
+<?php
+/*
+Plugin Name: Security Headers
+Plugin URI: https://www.medicalalert.com
+Description: Add security headers
+Author: Connect America
+Version: 0.1
+Author URI: https://www.medicalalert.com
+*/
+
+add_action('send_headers', function(){
+    // Upgrade HTTP requests to secure HTTPS
+    header("Content-Security-Policy: upgrade-insecure-requests;");
+    // Enforce the use of HTTPS
+    header("Strict-Transport-Security: max-age=31536000; includeSubDomains");
+    // Prevent Clickjacking
+    header("X-Frame-Options: SAMEORIGIN");
+    // Block Access If XSS Attack Is Suspected
+    header("X-XSS-Protection: 1; mode=block");
+    // Prevent MIME-Type Sniffing
+    header("X-Content-Type-Options: nosniff");
+    // Referrer Policy
+    header("Referrer-Policy: no-referrer-when-downgrade");
+}, 1);
+
+
+
+