Prevent WordPress from sending set-cookie http header

For some reason WordPress is setting "Set-Cookie" in the header of the entire site, this is telling my cache server not to cache the page, I tried to remove it via .htaccess, but it disabled the entire site and not I was able to log in more to the admin panel

How can I remove the "Set-cookie" from the http headers only on the frontend of my website? This is in the home, tags, search, blog, etc…

curl -I https://meusite.comHTTP/1.1 200 OK Date: Sun, 12 Sep 2021 22:19:41 GMT Set-Cookie: ppwp_wp_session=0000000000000000000000000000000000000000000000000 expires=Sun, 12-Sep-2021 22:49:41 GMT; Max-Age=1800; path=/ cache-Control: public s-maxage=230 Link: <https://meusiet.com/wp-json/>; rel="https://api.w.org/" Link: <https://meusiet.com/wp-json/wp/v2/posts/1087>; rel="alternate"; type="application/json" Link: <https://meusiet.com/?p=1087>; rel=shortlink Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked X-CACHE: miss Alt-Svc: clear 

Azure CDN from Verizon Premium HTTP to HTTPS redirect

I have created an Azure CDN endpoint (like example.azureedge.net) using Verizon Premium Pricing Tier.

I want to create a rule to redirect to the HTTPS protocol (like https://example.azureedge.net) whenever a user uses the HTTP protocol (like http://example.azureedge.net).

How can I achieve this using the rules engine of Azure CDN from Verizon Premium?

Menu links only using http after enabling https, unable to redirect http links

I have a WordPress website on a Bluehost shared hosting server and since I have multiple websites in my space, I have this particular folder in its own folder under public_html. This means that I have an .htaccess file in public_html, which redirects my domain to the specific website folder. I also have another .htaccess file in the website folder, which has some WordPress settings and a redirect for non-www URLs. I’ve tried adding this http -> https rule in both .htaccess files, but it has no effect:

<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTP_HOST} ^marioparra\.me [NC] RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$   https://www.marioparra.me/$  1 [R,L] </IfModule> 

I’m also having related issues with menu links in WordPress. Even though my WP and site addresses contain https, my menu links are rendering with http. This happens if I use a custom link with just the anchor ID or full URL. Could anything in the .htaccess file be interfering? Why would my http -> https rule be ignored?

Sitemap urlset http or https [duplicate]

I am a Static User I write my all pages and sitemap with pure html css code, I have a question that in sitemap I am using http xmlns in order to make my sitemaps so is it allowed to add https or http is better that’s why all are using it.

<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd"> 

So in the above I would like to ask that is it allowed to use https xmlns?

Prevent Firefox from sending a user-agent string in HTTP requests [closed]

I was recently experimenting with HTTP requests and got curious about user agents. In particular, I’d like to know if it’s possible to prevent a browser (in my case Firefox) from including the user agent string in requests. Now, I know there are extensions that modify the string, but that’s not what I’m looking for. I would like to know if the string can be omitted completely.

Thanks

How to create OAuth client ID for new ASW ec2 instance under http?

Hallo,
I installed ASW ec2 instance
with Selected Ubuntu 20, Free tier eligible
and I got instance with root like

http://ec2-NN-NN-NN-NN.eu-central-1.compute.amazonaws.com/
Code (markup):

I have installed laravel 8/vuejs app and my app using OAuth client ID
For my local server (Ubuntu 18 on my laptop) I created client key with url

http://127.0.0.1:8000
Code (markup):

But I failed to make the similar for my ASW ec2 instance : https://imgur.com/a/tIQiPAe
1) If there is a way to create OAuth…

How to create OAuth client ID for new ASW ec2 instance under http?

Should I remove HTTP to HTTPS redirects to fix performance problems reported by Google Pagespeed Insights?

I have created a brand new website in which I publish various computing services I suggest to potential customers.

As far as I know, no other website on the World Wide Web links to that website and today in nearly mid 2021 when people create backinks, they normally just make them "example.com" (no http:// or https:// and no www.).

After testing the website in Google Pagespeed Insights I got only one error about slow loading times due to the specific reason of four redirects:

http://example.com | 630 ms https://example.com | 480 ms http://www.example.com | 630 ms https://www.example.com | 480 ms 

While I need the www. for a CDN to protect from possible DDoS attacks and using HTTPS as a web standard, principally I would never create non HTTPS backlinks to my website and don’t worry from anyone on the planet doing that.

Given the current HTTPS culture and my site being currently backlinkless, should I remove HTTP to HTTPS redirects to fix performance problems reported by Google Pagespeed Insights?

Update — current .htaccess redirection directives

RewriteEngine On RewriteCond %{HTTP_HOST} !^www\. RewriteRule ^(.*)$   http://www.%{HTTP_HOST}/$  1 [R=301,L] 

Major search engines redirect an HTTP link to a scammy pharmacy site

There is an HTTP website (not HTTPS) that works perfectly fine when the URL is directly typed into the address bar or when links are clicked from other websites/applications like Reddit, Facebook, and Discord.

The exceptions are the major search engines: Google, Yahoo, and Bing. When clicked from one of these sites, it is redirected to a scammy pharmacy site with one of many different domain names. This occurs in Chrome, Firefox, and Edge; it also occurs on Android smartphones. (Bing only does this in Chrome; it works fine in Firefox and Edge.) This issue occurs for multiple people on many different devices.

Interestingly, other search engines (Dogpile, Baidu, Ask, DuckDuckGo, Yandex, etc.) seem to work fine.

What could be the cause of this behavior? Do the search engines or the website need to be fixed, and how? Would converting to HTTPS help, and why?

The website in question is bluefurok.com. I am not the webmaster, but as a programmer and web developer I am curious about this issue.

Google Domains won’t redirect `http` to `https` when Bluehost handles the DNS and website

I have a website hosted on bluehost, but using a domain from Google domains. I am trying to force it to always redirect http://example.io -> https://example.io from the google domains site.

However, when I add the redirect, I get the following error:

This synthetic record has an error and will not function correctly: We had a temporary issue creating your SSL certificate. We will automatically keep trying to resolve this issue. 

enter image description here

We have it setup to redirect permanently using SSL: enter image description here

We are using bluehost name servers. Are we missing something here?

Data being edited in .opvn config when vpn app http gets .opvn files from my host. Adds my wordpress site code and removes the config

I have a VPN app that pulls .ovpn files from a folder on my website /home/mywebsitename/public_html/remoteovpn When I add the .opvn files to this folder and my app pulls them from https request. You can go to the files in the browser link, you can see them and read all the config no problem even dl them. But when my app pulls the files it gets the file names and makes the .opvn files, but edits the files with my website wp theme data, not the .ovpn config data. I can’t figure why it is doing this. Any help would be appreciated been trying for 2 days

VPS with CentOS 7 and cPanel with wordpress theme