GD Security Headers − Dev4Press Plugins for WordPress

Free Download

From: WordPress.org

First released

8 months, 12 days ago

Requirements

PHP: 5.6, 7.0, 7.1, 7.2, 7.3

WordPress: 4.6, 4.7, 4.8, 4.9, 5.0, 5.1

or ClassicPress: 1.0

More about system requirements

Multisite Support

The plugin works on individual websites in the network.

Buy NowPlugin Pricing & Purchase

Security related HTTP Headers

The plugin allows you to add various security related HTTP headers, directly to the page or into .HTACCESS file with tools to log browser violation reports.

Headers Dashboard

Plugin dashboard shows status of all supported security headers, with the recommendations of what should be in use.

Report Logs

Log with all CSP and XXP reports send by browsers whenever the set security rules were violated on the users end.

Support for .HTACCESS

All security headers can be added into the Apache server .HTACCESS file to be applied to all requests coming to the website.

Content Security Policy

The most important header added by the plugin is the CSP or Content Security Policy. It has option for predefined rules, report logging and settings for all individual rules.

CSP Rules

For each CSP elements you can define list of rules or domains to allow. Some general rules can be enabled automatically.

Predefined / Extra rules

If you use Google services like Adsense, Analytics, Maps, Translate or Fonts, plugin can add rules for them.

Reports Logging

All reports sent by browsers (and all modern browsers do that) related to rules violation can be logged in and reviewed later.

And more features

Plugin supports XSS Protection header with reports log, more security headers and it has additional tools.

XSS Protection

You can enable the XSS Protection header, and enable reports log for XSS related violations (only from Chrome).

Additional Headers

Plugin also supports more headers: Content Control, Strict Transport Security, Referrer Policy and Frame Options.

Various Tools

All plugin settings can be exported and imported, reports logs cleaned, and all plugin settings removed.

Translations

Plugin's basic is English. But, the plugin also includes additional translations.

Accessibility

Web accessibility is increasingly important factor in web development, and with the accessibility support you are making sure that people with disablities are able to use your website. Developing for accessibility is one of the priorities on Dev4Press, and we are using WCAG guidelines and approved tools to test our plugins and improve accessibility for on both admin side and the front end (for plugins with front end controlls and features).

Plugin Accessibility Status

Front End Accessibility: Not Applicable

Admin Side Accessibility: Yes

Complete Localization

All Dev4Press free and lite plugins have WordPress standard PO/MO translation system implemented, making it easy to translate into any language. Depending on the plugin, translations can be split into two or more files for easier translations handing.

Browser Compatibility

All our plugins are compatible with all popular internet browsers. This includes Google Chrome, Mozilla Firefox, Apple Safari, Opera, MS Internet Explorer (version 9 and higher), all tested across different operating systems and desktop and mobile devices.

Secure and Clean Code

All Dev4Press premium plugins are coded using best coding practices, with code tested for all potential security problems. We are constantly working on maintaining full WordPress compatibility and highest level of security for all our products.

Free Security

GD Security Headers

An easy way to add HTTP security headers