security risk assessment

Signed-off-by: Jeff <jeff@gotenzing.com>

@@ -53,6 +53,13 @@ define( 'DB_COLLATE', '' );
 define('ALLOW_UNFILTERED_UPLOADS', true);
 define( 'WPCACHEHOME', __DIR__.'/wp-content/plugins/wp-super-cache/' );
 
+header('X-Frame-Options: SAMEORIGIN');
+
+@ini_set('session.cookie_httponly', true); 
+@ini_set('session.cookie_secure', true); 
+@ini_set('session.use_only_cookies', true);
+
+
 //Disable automatic updates
 //Disable update notifications
 define( 'DISALLOW_FILE_MODS', true );

+<?php
+# time to code

+<?php
+# time to code

+<?php
+# time to code

+msgid ""
+msgstr ""
+"Project-Id-Version: Headers Security Advanced & HSTS WP\n"
+"POT-Creation-Date: 2021-11-04 20:22+0000\n"
+"PO-Revision-Date: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Poedit 2.4.2\n"
+"X-Poedit-Basepath: .\n"
+"X-Poedit-KeywordsList: _e;__\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"Last-Translator: \n"
+"Language: it\n"
+"X-Poedit-SearchPath-0: ..\n"
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:109
+msgid "Please upgrade to the latest version of WordPress to activate"
+msgstr "Effettua l’aggiornamento all’ultima versione di WordPress"
+
+#. Plugin Name
+#: ../includes/headers-security-advanced-hsts-admin-login.php:109
+#: ../includes/headers-security-advanced-hsts-admin-login.php:141
+#: ../includes/headers-security-advanced-hsts-admin-login.php:168
+msgid "Headers Security Advanced & HSTS WP"
+msgstr "Headers Security Advanced & HSTS WP"
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:142
+msgid ""
+"This option allows you to set a networkwide default, which can be overridden "
+"by individual sites. Simply go to to the site’s permalink settings to change "
+"the url."
+msgstr ""
+"Questa opzione consente di impostare un valore predefinito per l’intera "
+"rete, che può essere ignorato dai singoli siti. Basta andare alle "
+"impostazioni permalink del sito per modificare l’URL."
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:145
+msgid "Networkwide default"
+msgstr "Predefinito per l’intera rete"
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:175
+msgid "Login url"
+msgstr "Url di accesso"
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:183
+msgid "Redirect URL"
+msgstr "
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:226
+#, php-format
+msgid ""
+"To set a networkwide default, go to <a href=\"%s\">Network Settings</a>."
+msgstr ""
+"Per impostare una rete predefinita ampia, andate a <a href=\\”%s"
+"\\”>Impostazioni di rete</a>."
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php.php:235
+msgid "Use the slug name, example: "contact-me" - DO NOT USE the full website URL. If you leave the above field empty the plugin will add a redirect to the website homepage."
+msgstr ""
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:250
+#, php-format
+msgid ""
+"Your login page is now here: <strong><a href=\"%1$s\">%2$s</a></strong>. "
+"Bookmark this page!"
+msgstr ""
+"La tua pagina di accesso adesso si trova qui: <strong><a href=\\”%1$s\\”>"
+"%2$s</a></strong>. Metti questa pagina nei preferiti!"
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:256
+#: ../includes/headers-security-advanced-hsts-admin-login.php:258
+msgid "Settings"
+msgstr "Impostazioni"
+
+#: ../includes/headers-security-advanced-hsts-admin-login.php:275
+msgid "This feature is not enabled."
+msgstr "Questa funzione non è abilitata."