GD Security Headers
An easy way to add HTTP security headers
Configure various security related HTTP headers, including Content Security Policy, Referrer Policy and more. All headers can be added to .HTACCESS file.
First released4 years, 2 months ago
MultisiteIndividual network websites
Security related HTTP Headers
The plugin allows you to add various security related HTTP headers, directly to the page or into .HTACCESS file with tools to log browser violation reports.
Plugin dashboard shows status of all supported security headers, with the recommendations of what should be in use.
Log with all CSP and XXP reports send by browsers whenever the set security rules were violated on the users end.
All security headers can be added into the Apache server .HTACCESS file to be applied to all requests coming to the website.
Content Security Policy
The most important header added by the plugin is the CSP or Content Security Policy. It has option for predefined rules, report logging and settings for all individual rules.
For each CSP elements you can define list of rules or domains to allow. Some general rules can be enabled automatically.
If you use Google services like Adsense, Analytics, Maps, Translate or Fonts, plugin can add rules for them.
All reports sent by browsers (all modern browsers do that) related to rules violation can be logged in and reviewed later.
And more features
Plugin supports XSS Protection header with reports log, more security headers and it has additional tools.
You can enable the XSS Protection header, and enable reports log for XSS related violations (only from Chrome).
Plugin also supports more headers: Content Control, Strict Transport Security, Referrer Policy and Frame Options.
All plugin settings can be exported and imported, reports logs cleaned, and all plugin settings removed.
Knowledge Base and Support
To get help for this plugin, start with FAQ and the Knowledge Base.Knowledge Base
If you need help with the plugin or to report problems, use support forums.Support Forum
Do you have doubts about whether this plugin is right for you? Test it first.Request Demo
Plugin's basic language is English. The plugin is translation ready, with empty POT file with all the string included in the plugin directory.
The plugin translations are available from WordPress.org repository, and you can contribute translations for your language there.
It is possible that plugin has some minor spelling issues, mistypes words and other issues. Please, report any problems you find, and they will be fixed, and POT file updated when needed.Translations on WordPress.org
All Dev4Press free and lite plugins have WordPress standard PO/MO translation system implemented, making it easy to translate into any language. Depending on the plugin, translations can be split into two or more files for easier translation handling.
All our plugins are compatible with all popular internet browsers. This includes Google Chrome, Mozilla Firefox, Apple Safari, Opera, and Microsoft Edge, all tested across different operating systems and desktop and mobile devices.
Secure and Clean Code
All Dev4Press premium plugins are coded using best coding practices, with code tested for all potential security problems. We are constantly working on maintaining full WordPress compatibility and the highest level of security for all our products.
Discover more Dev4Press plugins
GD Security Toolbox
Proactive protection and security hardening
GD bbPress Attachments
Attachments for forums powered by bbPress
Improve your website navigation with Breadcrumbs
GD bbPress Tools
Enhancing WordPress forums powered by bbPress