 In this video, I'm going to show you step-by-step how to install security headers in AWS LightSale using AWS WordPress Instance. HTTP security headers are a set of HTTP headers that provide additional security for web servers, browsers and internet service providers. They are used to protect against various attacks such as cross-site scripting and clickjacking. Now, before we begin, you could go to securityheaders.com and check your security report summary. As you can see, you have to put your URL in here and scan your website. And this will give you your summary. Now, the first thing that you will need is to have access to your LightSale account, just like I do, because we're going to be using the terminal from here. And also, you will need to be able to connect to your web server through FTP. And for this, I'm going to be using FireZilla. So the first thing that I'm going to do is connect to the server by going to File, Site Manager, and then I've already got my credentials in here. So I'm going to click Connect. Once in here, we are getting the directory slash home and Bitnami. We actually need to change this. So the directory that we need to go initially is the OPT slash Bitnami slash Apache slash config and slash vhost. Obviously, in future, that might change. But as of now, this is the correct folder. And the file that we are after is the WordPress dash vhost.conf. So I'm going to drag this out. And the next file that we need, I'm going to drag it in here so we can see it. And the next file that we need is going to be under HT access. So if you go under this folder, so at the moment we are in OPT, Bitnami, Apache, config, vhost and slash HT access. Now, let's track this file out as well. And I'm going to move it below here. And now let's open both files. And I'm going to open them in Visual Studio Code. Now, the first file that we need to look into is the WordPress dash vhost.conf. And the line that we need to change, let me zoom in. And the word that we're looking for is this allow override none. So we need to change this to all. And this will allow this HT access file to be read. So the next thing that we need to do is go to this WordPress dash HT access file. And underneath here where we have directory, this is the opening tag. And if it's gone down a little bit more, we have the closing tag. So underneath here is where we're going to paste the security headers. So they look just like this. So I've tested this on my website and it works absolutely fine. But you need to note that you're going to have to modify some of the headers to work for your website because, for example, inside here, we've actually disabled the camera, the microphone and the geolocation. So you might, that might actually break your website if you have functionality that uses those and so on. So you might have to research every single security header and maybe add them one by one if you have any problems saying this, save both files, control and s, control and s, and now minimize this. Let's go back to filezilla and go back to the original directory where we have vhost. And the first thing that I'm going to do is instead of dragging this over and replacing the file, I'm actually going to do right click and rename this. And I'm going to rename this as something like original. Now, the reason we're doing this is because replacing it sometimes doesn't work. So you might as well either rename this or delete it. And now we can drag the one that we just modified. Now, the next thing that we need to do is restart Apache. In order to do this, let's go back to the browser and go to your light cell instance where you have your instance inside here. You can click on the little terminal icon and dash it open a new window. This looks a little blurry because I'm zoomed in quite a bit, but it doesn't really matter. And the code that you need to put, I'm going to do right click and paste. And the code is sudo, which gives us root access. And then this is going to be slash OPT slash bitnami slash control script dot SH restart and then Apache press enter. And if you see restarted Apache, this is a good sign. And now all security headers should work. So go back to the scanner here, security headers.com and rescind my website. You might notice that nothing actually changed. Now, in my case, this is because I need to clean my website cache. Now, for most of you, you can go to your dashboard and go here at the top and go to your plugin that does the caching. And for example, I'm using the VP rocket. And then you can click on clear and preload cache. And that will solve your issue and your security headers will be done. But because I'm using a CDN, I'm actually going to have to go to the website that I'm using, which in this case is stack path. And I'm going to have to purge my cash from here like so. As I said, for most of you, you should be able to do this from your dashboard in here. All right. Now that I've cleaned the cache, now that I've purged the cache, I can go back to the security headers and let's rescan. Okay. As you can see, we have a plus now. We have all the security headers in here. And now you should go to your website, test there. And if there are any problems, obviously modify the headers and so on. One thing that I need to mention is that everything you change your security headers, you do need to restart Apache. And normally you can just press the up arrow. And this will bring the restart Apache code that you've written last. And just press enter. And that's pretty much it. I hope that you found this useful. Consider subscribing. And hopefully I will see you in the next one.