Search the Community
Showing results for tags 'security'.
Found 24 results
-
Site URL: https://securityheaders.com/ Hi, Square Space Support has directed me to the forum. Just wondering if anyone has been successful in adding in security headers to a square space site. If you scan with the above url you will see the missing headers. Support recommended injecting html but that is a client side solution to a server side requirement. After looking into this one in more detail it looks like none of those techniques will work as they are client-side rather than server-side. Chrome, for example, will ignore x-frame-options when it's in a meta tag and so we would
-
I am a designer and am making a new site to house my portfolio. I need to ensure that the only way someone could find/view my content is if I have provided them with my URL and password to enter the site. The company I work for restricts what work can be shared with the public, even if it wasn't considered confidential information. I am also concerned with folks downloading or pulling the images off of my site. Are there ways to prevent that? Any help is appreciated! -
Site URL: http://www.studioblanc.co.nz/ I have recently just set up my website and see that when people go to purchase a product it says not secure etc etc as well as having that in the URL so I have made sure all the SSL is right on the website and it still says processing- I am aware it can take up to 72 hours buuuuuut... I transfered the domain that I had already purchased to Squarespace (though nothing was ever set up for this is was just simply a domain to ensure no one else brought it) will this still work or do I need to do some other stuff? -
I have already raised this issue with Squarespace Customer Care (Support Request #4378187) over 24 hours ago but no response whatsoever as yet. "Live Chat" seems to be permanently closed? Google no great help to this stage. I thought/hoped perhaps somebody here may have had a similar experience? We have been advised by a coporate client that visiting our well established Squarespace site is triggering a Firewall Alert/block. Context of the specific Alert is below. The firewall alert is being detected by Fortigate (https://www.fortinet.com/products/next-generation-firewall.html) IP 198
-
squarespace HSTS is broken -- can someone please fix?
charles_h posted a question in Coding and Customization
Site URL: https://www.havenconnect.com currently squarespace does not allow adding HSTS directives like `includeSubDomains` or `preload`, and they don't allow modifying the `max-age` directive to a year or more. based on my understanding of HSTS, this prevents domains using squarespace from being eligible for preloading. more info here: https://scotthelme.co.uk/hsts-preloading/ i'm not a security expert so my first question is this: am i correct in understanding squarespace's HSTS implementation does not force all users to HTTPS? second question: if my understanding is correct -
Site URL: https://www.ausliebezumhaustier.de Hi, i think a lot of people have the same challenge here with implementing GDPR or CCPA. Anybody with a good, working and cost-effective (or free) tool? I've tried Google https://fundingchoices.google.com/p/d2c40879b32a7b93/ (Free) Quantcast Choice https://www.quantcast.com/ (Free) Cookie First http://www.cookiefirst.com (Paid) Nothing is working for me (f.e. Outbrain is firing without consent on all three) Any suggestions? Any experience with Cookie Consent Cookie Control OneTrust
-
Hi, If I want to obtain health information of a client, can I make sure that it's secure through squarespace? I saw this article: https://support.squarespace.com/hc/en-us/articles/360028867231-Squarespace-and-HIPAA but I can't tell if this is only for the scheduling tool; and even if I do subscribe to Scheduling, is signing a BAA sufficient? Thanks in advance
-
I've currently drafting/creating a Cookie Banner for GDPR reasons, and was wondering if it's possible to add an 'X' button to close/ignore the pop up should users not wish to give consent? I can't seem to find any other style adjustments for this purpose. You can see from the screen shot that I'm trying to use the Cookies banner to allow the website user to give consent to analytic cookies + data collected via contact forms, where analytic data is turned off by default, but it would be helpful if there was a 'close banner' button if users did not want to give this type of consent and
-
Does anyone know how to block our URL in specific countries? Specifically, all of Asia and all of the Middle East. We're going through GoDaddy, but they can only block individual IP addresses, not entire countries. We run a charity in Asia and can't have our website being accessed there. Is anyone able to help, or know of someone we could hire, please? Thanks!
-
I keep getting this message of late: Error Saving: Your changes conflict with a newer version of this document. Your changes here will not be saved. According to Squarespace, it's due to multi-contributors or the same page opened elsewhere. But I don't have co-contributors and I don't have another page open. Is this pointing to a security hack? Or is this a wonky Squarespace thing?
-
None coder - Java script libraries are not up to date
coneill659 posted a question in Coding and Customization
Site URL: https://secondchanceagency.com/ Hubspot website grader says that java script libraries on the site are not up to date and need to be updated with security patch. What do I do to update this? -
Site URL: https://fullfill.coach Hi all, Hoping someone can help as the attached message shows when accessing my site from another computer. I haven't messed with any SSL settings, and so it was already set to 'Secure'. Reading through Troubleshooting guidelines, I'm assuming it's because I have used Custom Code on the site? I would really appreciate it if someone can take a look for me? PW - fullfill Thank you!
-
How can I prevent someone from scraping my content and display it in another site?
-
Third Party SSL Provider vs Squarespace SSL
Michal_Konopko posted a question in Coding and Customization
Hey, quick question. My client bought as SSL form third part providers and she wants me to connect it to the SQ website. I forgot to tell her that SQ space has SSL included. So my questions is: - Can I connect it to SQ Space (https://www.names.co.uk/ssl) - Is there any difference between SQ space SSL and https://www.names.co.uk/ssl ? Is one better than the other? Any difference? - I want to suggest to my client to stick to SQ space SSL and don't bother with third party provider? What you think? I have no knowledge how the SSL protocols work. T -
Site URL: https://www.merze-lifestyle.com I would like to block an IP address from entering into my website but I am on Squarespace 7. Is there custom code that needs to be created? Or do I need a third party application to achieve this? I am not a coder and so I would need to have help if custom coding is required. Thank you, Mary
-
In February, I asked about the ability to add security headers to a Squarespace site (e.g. XSS protection). I was told this was not currently supported and would need to be requested as a new feature. Support chat = https://support.squarespace.com/hc/en-us/requests/new?ticket_form_id=360000388052 Subsequently, I've seen a reference to the ability to add headers in Settings | Advanced | Header (linked below). Please could you confirm whether this function will support the use of security headers on the infrastructure managed by Squarespace. Many thanks
-
Squarespace appears to have a re-direction vulnerability
jdawson posted a question in Coding and Customization
Site URL: http://bitstop.ca I was notified by Google today of a vulnerability on my website. On more investigation I found that the vulnerability is in the squarespace re-direct engine on the old versions of squarespace. http://bitstop.ca/process/Redirect?url=http://ministeriobetinho.com.br/popup_image1/screenshots.php/kpw/dvq/?island=ed1tvc0qq5v9fy5 You can see the above re-direct sends to an ad site and you can edit the url to really go anyplace you like. I reached out to Squarespace but wonder if anyone else has seen this issue or is aware of it? -
Some images on a website that has an SSL certificate are still displaying as http instead of https, thus causing those webpages to display as 'not secure' by Google. Is there an easy way to switch over all images on a site like this so that they are https instead?
-
Hi all, I have an acquaintance who's wondering if there are any site builders or publishing platforms that don't use cookies on the user-facing end of the site. She doesn't need user membership features, so that shouldn't be a problem. Is there any way to build a Squarespace Site that doesn't need cookies? And is there any way to do it while still getting some basic analytics? Any help would be much appreciated. -
Hey whats going on ya'll I'm running a content site dedicated to fitness and nutrition science I sell a product by monthly suscription - Essentially I release 5 new workouts every month to suscribers for different purposes. While squarespace does let you sell digital products with a secure link, you can't do it with suscriptions What would be the best way for me to go about doing this in a way that keeps my digital product secure? Thank you
-
Microsoft Security Essentials blocking website in Internet Explorer due to video banner from Youtube. -
I would like to create a password login followed by a data form which will generate a code to get into my site How do i go about doing this?
-
Hi I would like to stop access to a squarespace site (or a subset of pages) until the viewer has accepted a disclaimer: Can anyone advise on the best way to do this in squarespace? Thoughts: Use marketing pop-up? Inject javascript or html/css? thanks in advance J -
I have two codes for two different pages I'm trying, but neither of them are showing. I have tried logging out as admin (because I saw that was an issue for others) but it still is showing up blank on both pages. Another admin tried on his computer and it showed him the attached message.
