Hey! I'm having CSP issues on my wordpress website.
I have just had the site setup on an AWS E2 instance, running through SSH on an ubuntu server.
In the backend & frontend of wordpress, I get console errors about Content Security Policy issues, as it is blocking inline scripts that wordpress creates.
I believe this is an issue with my apache configuration. Could you please help me out, and suggest what I can do to solve these issues? I don't want to use "unsafe-inline", because it's not safe, but I want my Apache to be configured correctly.
Here is my website url, please check the console errors:
https://verifeye.online
It's a clean version of wordpress, no plugins or anything else has been added.
Here's an example of not being able to use the wordpress admin panel – it says that js isn't enabled, but it is, the CSP is blocking it from the site.
Check your apache headers.conf for Content Security policy related directives. If not there, perhaps the .htaccess file at the root of WP install.
Or [this wp plugin](https://wordpress.org/plugins/headers-security-advanced-hsts-wp/) could help