Hi everyone! 👋
Over the last few days, some users have reported strange behavior after updating the Headers Security Advanced & HSTS WP plugin (for example: Google Analytics not showing live data, Google Tag Manager not updating, or CSP tests showing old headers).
After analyzing all reported cases, the cause could be:
✅ It’s NOT a plugin issue
❗ It’s the CACHE serving an old version of the site
Many websites use several layers of caching:
- Object Cache (Redis, Memcached, LiteSpeed Object Cache, etc.)
- Page Cache (WP Rocket, W3 Total Cache, LiteSpeed Cache, WP Super Cache…)
- Server-side Cache (OPcache, host-level caching)
- CDN / Firewall Cache (Cloudflare, Sucuri, Akamai, etc.)
When the plugin is updated or the security configuration is changed, the cache may continue to serve an older version, including old scripts or outdated HTTP headers.
The result can look like a plugin bug…
but the server is simply returning an older cached version.
Real example
A user saw GA4 and Cookiebot “blocked” even after updating to the correct plugin version 5.2.4.
After clearing the Object Cache, everything instantly started working:
GA4 Live view > OK
Google Tag Manager > OK
Cookiebot > OK
Correct CSP visible in headers > OK
What you MUST do after updates or security changes
Please clear all caches:
1. Object Cache
(through Redis / Memcached / LiteSpeed plugins → Flush Cache)
2. Page Cache
(WP Rocket / LiteSpeed / W3TC / WP Super Cache → Purge All)
3. CDN / Cloudflare
(Cloudflare → Purge Everything)
4. Browser (optional but recommended)
Reload the site in Incognito / Private Mode.
Need help? Reply here!
If you still encounter problems after clearing all caches, don't hesitate to reply to this thread.
I'll be happy to help you solve the problem and make sure everything works properly! 😊
