I’m running into an issue where my Pickaxe-published subdomain (sensaitriad.writerswithoutwalls.com
) is being flagged during security checks for missing security headers (e.g., Content-Security-Policy, X-Frame-Options, etc.). Since the content is directly published by Pickaxe, I’m unable to modify the .htaccess
file or inject the necessary headers myself.
I explored the option of creating a .htaccess
file manually, but since Pickaxe handles the publishing, changes there won’t apply. My hosting provider suggested using a proxy domain setup to manage these headers externally.
Could you provide guidance on:
- Whether Pickaxe supports injecting custom security headers for published sites?
- If not, any best practices or recommendations for setting up a proxy domain to resolve this issue while keeping the site functional?
Your advice would be greatly appreciated!