Sponsoring and Donation
You use this extension in an commercial context and / or want to support me and give something back?
There are two ways to support me right now:
- This extension is part of Github Sponsors by sponsoring me, you help me continue my oss work for the Joomla! Project, write bug fixes, improving features and maintain my extensions.
- You just want to send me an one-time donation? Great you can do this via PayPal.me/zero24.
Thanks for your support!
This Joomla Plugin helps to protect your sites by using Fetch Metadata Request Headers
The implemened rules are:
- Step 1: Allow requests from browsers which don't send Fetch Metadata
- Step 2: Allow same-site and browser-initiated requests
- Step 3: Allow simple top-level navigation and iframing
- Step 4: Opt out endpoints that are meant to serve cross-site traffic (Optional)
- Step 5: Reject all other requests that are cross-site and not navigational
Initial setup the plugin
- Download the latest version of the plugin
- Install the plugin using
Upload & Install
- Enable the plugin
System - FetchMetadataform the plugin manager
Now the inital setup is completed.
Please note that my update server only supports the latest version running the latest version of Joomla and atleast PHP 7.2.5.
Any other plugin version I may have added to the download section don't get updates using the update server.
Issues / Pull Requests
You have found an Issue, have a question or you would like to suggest changes regarding this extension?
Open an issue in this repo or submit a pull request with the proposed changes.
Beyond this repo
This plugin is intended as backport for an upcomming PR against the core CMS 4.1.