Getting Started
Deployment- Steps to Minimise or Avoid Downtime When Taking a Website Live
- Integrating Git for whole site environment
- Create Site (WordPress environment)
- How to clone an existing site on Staq
- How to create a staging site
- How to sync a staging site to production
- How to take a website live (GoLive)
- Go Live with a subdomain
- Switch an existing Staq site to a brand new Staq site
- Customizing Deployment with CLI Commands
- Images broken in Slider Revolution after migration or CDN deployment
- Smart Slider images are broken after taking my website live
- Can I migrate a site to Staq using a third-party plugin?
- How to export a website from Staq to your own hosting environment
- Accessing the Old Website or Server Using the Hosts File
- How to migrate a site to Staq
- When a migration fails
- How to create a staging site
- How to sync a staging site to production
- Transitioning Changes from Staging to Live: A Guide to Synced Modifications
- Putting a Live Site back into Dev Mode
Site Management
Backups- Creating Backups
- Restoring a backup
- How to download your backup files
- Why Don’t I See Backups for a Particular Day?
- How our backup system works (comprehensive guide)
- Organizing Websites with Labels in Staq
- How to setup Client PDF Reports
- Managing Overage Costs and Alerts on Staq
- How to Bulk Reset Website Credentials
- Resetting Password Inside Staq Doesn’t Work
- How to Reset Your Password Inside Staq Panel
- One-Click WordPress Login Feature
- Enabling Popups for 1-Click WordPress Access in Supported Browsers
- Enable automatic plugin and theme updates with regression testing and auto rollback
- How to manually update Plugins/Themes faster using Staq Plugin Manager
- How to Deactivate or Delete a Plugin Across Multiple Sites
- Update Plugins/Themes: 1-Click to update everything
- How to install or update Plugins/Themes across all sites (globally)
- How to use Global Plugins to manage plugins at scale
- Convert plugins into Global Plugins with a single click
- How to enable Maintenance Mode
- Installing a plugin on multiple websites at once
- Plugin/Theme Update Status via Email Notification
- Troubleshooting “Update Failed: Download Failed” Error
- Why some plugins may not automatically update
- My Plugins are not updating inside WordPress
- I cannot access the backend of WordPress
- How to Fix “Briefly Unavailable for Scheduled Maintenance” Issue After Site Update
- Failed to Parse the Package Metadata: How to Fix
- How to diagnose when a Global Plugin isn’t updating across your sites
- The uploaded file exceeds the upload_max_filesize directive in php.ini
- Force deactivation of plugin/theme
- How to edit plugins/themes using a file manager editor
- How does regression testing work with Plugin/Theme updates?
- How to install plugin dependencies via Composer?
- Failed to Parse the Package Metadata: How to Fix
- How to setup Bitbucket with Staq (plugin/theme only)
- How to setup Github with Staq (plugin/theme only)
- How to replace “Staq Hosting” plugin inside WordPress with my brand
- Custom SMTP to send automated emails from Staq
Caching & Performance
Caching- Enable/Disable Automatic Cache Clearing
- How to clear the cache for a selected number of pages regularly
- Disable Optimizer tool for certain pages
- How the Staq Cache Preload works
- How to cache a URL with a query string
- Staq Cache – Caching Dynamic Information
- Configure Staq Cache
- How to clear cache of all sites in Staq
- Why Staq cache is the most optimal caching solution to use
- CLI commands for Staq cache
- Disable Staq Cache
- Issues migrating to Staq because of LiteSpeed Cache
- My website design/layout is broken
- How to know when a page is cached and how to diagnose it if it isn’t
- Nonce and Cache TTL
- Fixing “Media Error: Format(s) Not Supported or Source(s) Not Found” on Videos
- Disable Optimizer tool for certain pages
- Enhancing Core Web Vitals: What web development processes to change
- Elementor: Maximise PageSpeed Insight scores with these settings
- How to Scale a WordPress Website with Staq
- How to Speed Up the Backend of WordPress & AJAX requests
- How to Increase PHP Workers
- Cost Optimization Strategies
- Assessing Memory and PHP Worker Resources
- How to Optimize Autoloaded Options in WordPress for Better Performance
- Setup Speed Optimization
- How to change the image compression settings
Security
Security- Content Security Policy Error: Causes and Solutions
- Enable Multi-Factor Authentication (MFA) on Staq
- How to Change the WP Login URL
- How to enable XML-RPC
- Staq enforces HSTS by default
- SendGrid IP Access Management
- Unblocking WordPress REST API Access
- My website uptime monitoring is showing the website is down but it’s up when I check?
- Why was an IP address blocked by Staq Firewall?
- How to ban an IP Address using Staq Firewall
- How Staq Firewall Blocks Bots Attacking Contact Forms
- How to block a country’s IP range
- Cloudflare 520 or 521 error
- How to stop DDoS attacks
- How to configure the Max Login Attempts (Firewall)
- How we block malicious comments submitted by bots
- Service Unavailable / 503 Error code and how to fix
- How to whitelist an IP address
- Staq is blocking my SEO tools with 502 or 503 server errors
- How the Staq Firewall system works
SMTP, CDN & DNS
SMTP- How to use Gmail as an SMTP service in WordPress
- Diagnosing SMTP / Email Connection, Receiving Emails
- Override Specific SMTP Global Settings
- SendGrid Integration
- Custom SMTP to send automated emails from Staq
- How to setup SMTP?
- Installing “WP Mail SMTP Pro”
- How to setup Staq Traditional CDN
- Enable Next-Gen CDN Instructions
- Increase CDN CloudFront invalidations daily limit
- How to remove the AWS S3 URLs
- Images do not show when I’m logged out
- Exclude Paths from Next-Gen CDN Cache
- Staq Next-Gen CDN vs Traditional CDN vs Cloudflare
- Integrating Cloudflare with Staq
- How to enable Cloudflare CDN on Staq
- Staq Next-Gen CDN vs Traditional CDN vs Cloudflare
- How to disable Cloudflare
- How to stop DDoS attacks
- How to use Cloudflare Proxy with a Staq hosted site
- CDN cache not clearing after changes to plugin/theme
- Is my site loading from AWS CloudFront?
- Staq Next-Gen CDN: One or more CNAME already associated with resource
- CDN issue and how to diagnose and rectify
- ERR_SSL_VERSION_OR_CIPHER_MISMATCH with Cloudflare
- Traditional CDN Failed to Deploy Due to SSL Validation (CAA Error)
- Does Staq sell and manage domain names?
- DNS location and how to add a DNS entry
- Steps to Minimise or Avoid Downtime When Taking a Website Live
- How to Add NS Records for Subdomains on Staq
- DNS is not resolving
- Where you access the A record or NS Record
- How to add Google or Office365 MX records to Staq DNS
- Resolving Localized Issues Caused by Hardcoded IP Addresses in the Hosts File
- TXT record in DNS – CharacterStringTooLong
- How to move the DNS across to Staq when the site is already hosted on Staq
- How to enable instant DNS Propogation
- Switching DNS back to Staq and now the site doesn’t load
- IT company says they want to move DNS away from Staq. What should I say?
Server & Tools
Analytics & Logs- How to track a site’s activity history
- Someone installed/deactivated a plugin. What logs are there?
- Server Logs
- How to check if CRON jobs are working
- How to clear the cache for a selected number of pages regularly
- How to setup a Cron job in Staq
- Resolving the “Missed Schedule” Issue in WordPress
- Images broken in Slider Revolution after migration or CDN deployment
- How to do a Search & Replace
- Import a third-party SQL database over an existing website
- Running SQL queries inside Staq Panel
- How to use Staq Query Tool to diagnose database queries
- Access to phpMyAdmin / database
- SQL query to delete entire WooCommerce products in one hit
- How to download your backup files
- How to debug an issue
- My Website is Slow – How to Debug
- Troubleshooting Import Process Errors in WordPress
- How to Use Staq Debug for Troubleshooting Issues
- Integrating Git for whole site environment
- How to setup Bitbucket with Staq (plugin/theme only)
- How to setup Github with Staq (plugin/theme only)
- How to Increase PHP Workers
- Increasing Server Memory
- How to Increase PHP Max Input Vars Limit
- Increase Max File Upload limit
- The server cannot process the image
- Increase Max Request Timeout
- Does Staq support both PHP 7.4?
- How to downgrade or upgrade to PHP version
- Setup Domain Redirects
- Server Redirects
- SEO 301 Redirect
- How to Handle Regex Redirects with Query Parameters in WordPress
- How to Serve Static HTML Files Alongside Your WordPress Site
- How to fix Access-Control-Allow-Origin issue
- Cloudflare 520 or 521 error
- Troubleshooting Import Process Errors in WordPress
- 504 Gateway Time-out error
- Error 1000 on Cloudflare
- Fixing CORS Errors
- 502 Gateway error
- Fixing MIME-Type Errors Preventing Styles and Fonts from Loading
- Service Unavailable / 503 Error code and how to fix
- Server 500 error in browser. How to fix
- 403 Server Error
- Too Many Requests with Error Code 429
- How to add a custom SSL
- ERR_SSL_VERSION_OR_CIPHER_MISMATCH with Cloudflare
- Steps to Minimise or Avoid Downtime When Taking a Website Live
- Error 1000 on Cloudflare
- How SSL Certificates Work on Staq
- How to create a custom SSL certificate
- SSL Is Not Generating
- 403 Server Error
Staq Billing
Staq Billing > Account- Invoice breakdown and viewing excess charges
- How to view invoices (Agency Invoice)
- How to update your credit card (Agency account holder only)
- How to add/update client’s credit card
- How to Resolve “A User with the Specified Email Already Exists” Error
- How to view historical client invoices
- How to create a client and request for credit card details
- Assigning a Client to your agency custom plan
- Amending Your Client’s Details on File
- How to Determine the Reason for a Client’s Payment Failure
- Customise automated emails to your clients
- Adding a custom terms and conditions for your clients (digital agency POV)
- Changing currency when using Staq Billing to charge clients
- Step-by-step instructions in setting up your automated billing to charge your clients hosting fees
Media
Media- The server cannot process the image
- Sorry, you are not allowed to upload this file type
- How to remove the AWS S3 URLs
- How Images are Served from AWS on Staq
- Images broken in Slider Revolution after migration or CDN deployment
- Images do not show when I’m logged out
- Images or PDFs Showing a “404 Not Found” Error
- Troubleshooting Broken WebP Images on Your Staq Hosted Site
- How to disable lazyload
- Image Compression
- How to change the image compression settings
- How to enable automatic WebP image conversion?
- How to regenerate Media Library thumbnails in WordPress
Accounts & Billing
Accounts & Billing- Renaming Your Website in Staq
- Canceling an existing site subscription and assigning it to a new user
- Custom SMTP to send automated emails from Staq
- User Access to Staq Platform
- Cost Optimization Strategies
- Changing the timezone throughout the Staq dashboard
- How to see when dev sites will incur charges
- How to unsubscribe or delete or cancel a site in Staq
- Does Staq offer annual billing?
- Pricing: How Does Staq Charge?
- Enable Multi-Factor Authentication (MFA) on Staq
- Enabling Popups for 1-Click WordPress Access in Supported Browsers
- Putting a Live Site back into Dev Mode
General
WordPress Hosting- Do You Provide SSH Access?
- Can I run 2 separate WP installs on the same domain?
- How to enable XML-RPC
- How to edit the wp-config.php file on Staq
- Do you support Multi-Sites?
- Do we offer email hosting?
- Is Sage/Roots compatible with Staq?
- Do You Provide Web Hosting to Any Platform or Just WordPress?
- My website design/layout is broken
- Website is down
- How to use Staq Query Tool to diagnose database queries
- How to use Query Monitor plugin
Content Security Policy Error: Causes and Solutions
On this page
If you’re experiencing issues with third-party services like embedded videos, forms, chat tools, or tracking scripts, your browser may display an error such as:
“Content Security Policy of your site blocks some resources.”
Common Issues Caused by Content Security Policy (CSP)
- Embedded YouTube/Vimeo videos not loading
- Third-party iframes, such as forms or widgets, not displaying
- Tracking scripts like Hotjar, Crazy Egg, or Zoho failing to load
- Live chat tools (e.g., Tidio, 3CX) not connecting to WebSocket servers
How to Check if CSP is the Cause
To confirm if CSP is blocking a resource:
- Open your browser’s Inspect Element tool (right-click > Inspect or press
F12). - Go to the Console tab and look for errors mentioning “Content Security Policy” or “Refused to connect“.
- Identify the blocked domain or resource. The error will specify the domain or directive being blocked.
For example:
Refused to connect to 'wss://example.com' because it violates the Content Security Policy directive: "default-src https:"How to Resolve Content Security Policy Issues
Content Security Policy settings are enforced at the NGINX server level for security purposes. While you can exclude CSP headers via the Staq Panel, this is not recommended as it reduces website security.
If you believe CSP is blocking a required resource:
Step 1: Contact Staq Support
Reach out to Staq Support with details of the blocked resource(s). Rather than telling us what we need to do, it would be easier if you reference the actual page that shows the CSP error and we can take this information and customize the CSP to avoid double handling.
Step 2: Temporary Exclusion (Not Recommended)
If needed as a temporary measure, you can exclude the CSP headers via the Staq Panel:
-
- Go to the Staq Panel for your website.
- Click on Nginx Config:
-
- Under Content-Security-Policy (HTTP header), select Exclude and click Save:
Important: This disables CSP entirely, which is not secure. Use this option only as a temporary workaround.
Examples of Third-Party Services Blocked by CSP
Here are common third-party services that may require adjustments to the CSP:
- Hotjar: Tracking scripts and WebSocket connections
- Crazy Egg: Scripts, images, and connections to
*.crazyegg.com - Zoho: Chat operations, scripts, and media files (e.g.,
*.zoho.eu,*.zohocdn.com) - Vimeo/YouTube: Embedded videos requiring iframe and script permissions
- 3CX Live Chat: WebSocket connections to
*.3cx.com
DO NOT place CSP inside child theme
Note: We’ve seen cases where developers add custom Content Security Policy (CSP) rules inside their child theme via PHP. This approach is not recommended because CSP headers set via PHP are processed at the application level, which can introduce delays and inconsistencies. It’s far more efficient and secure to configure CSP headers at the server level through NGINX, as they are applied directly in the HTTP response, ensuring better performance and consistent enforcement across all requests.
Contacting Staq Support
If you are unsure which domains or directives to allow, or if you need assistance applying changes, please contact Staq Support. We will ensure your required resources load securely without compromising your site’s security.
Need some help?
We all do sometimes. Please reach out to our support team by dropping us a support ticket. We will respond fast.