Website Security Headers

Easily implement key security headers that can have a profound impact on the overall security…

Author:Dave Green (profile at wordpress.org)
WordPress version required:5.0
WordPress version tested:5.8.0
Plugin version:1.0.1
Added to WordPress repository:16-06-2021
Last updated:25-08-2021
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
Rating, %:0
Rated by:0
Plugin URI:
Total downloads:145
plugin download
Click to start download

Website Security Headers provides website administrators and developers with the means to easily implement key security headers that can have a profound impact on the overall security of the website.

Robust website security is more important now than ever before, and the headers featured in this plugin are the most common that will be flagged in the results returned by security audits/scans and penetration tests.

This plugin was created as a WordPress companion for the excellent Security Headers website run by renowned security researcher Scott Helme. This plugin has no affiliation with Scott or his website, rather, this is a nod to his excellent work.

The plugin can be used to configure the following security headers:

  • Strict-Transport-Security
  • Content-Security-Policy
  • X-Frame-Options
  • X-Content-Type-Options
  • Referrer-Policy
  • Permissions-Policy

IMPORTANT: if improperly configured, or configured with no knowledge of the impact of your chosen values, these headers can have a negative impact on the functionality and usability of your website. Please make sure that you fully understand the consequences of implementing these headers before adding them. Where possible, test any changes to these headers on a staging/testing site, or during a low-traffic period on the live site.