This is a WordPress plugin that makes it easy to set HTTP response headers that will improve the security of your website
Author: | Better Security (profile at wordpress.org) |
WordPress version required: | 5.0 |
WordPress version tested: | 6.0 |
Plugin version: | 2.1 |
Added to WordPress repository: | 09-03-2019 |
Last updated: | 23-05-2022 |
Rating, %: | 0 |
Rated by: | 0 |
Plugin URI: | |
Total downloads: | 1 951 |
Active installs: | 100+ |
Click to start download |
This plugin does not make any changes to your server configuration, such as the .htaccess file, but instead sends the headers as part of the WordPress page response. The reason for this is that many of them are not valid for assets such as stylesheets and images, but are sent anyway if the server configuration method is used.
Unlike many security plugins, these headers are also sent for your admin panel, where security is arguably the most important.
Headers that can be set include…
* Feature-Policy
* Referrer-Policy
* Strict-Transport-Security
* X-Frame-Options
* X-Content-Type-Options
* X-XSS-Protection
* X-Permitted-Cross-Domain-Policies
* Expect-CT