GD Security Headers
An easy way to add HTTP security headers
Configure various security related HTTP headers, including Content Security Policy, Referrer Policy and more. All headers can be added to .HTACCESS file.
Security related HTTP Headers
The plugin allows you to add various security related HTTP headers, directly to the page or into .HTACCESS file with tools to log browser violation reports.
Plugin dashboard shows status of all supported security headers, with the recommendations of what should be in use.
Log with all CSP and XXP reports send by browsers whenever the set security rules were violated on the users end.
All security headers can be added into the Apache server .HTACCESS file to be applied to all requests coming to the website.
Content Security Policy
The most important header added by the plugin is the CSP or Content Security Policy. It has option for predefined rules, report logging and settings for all individual rules.
For each CSP elements you can define list of rules or domains to allow. Some general rules can be enabled automatically.
If you use Google services like Adsense, Analytics, Maps, Translate or Fonts, plugin can add rules for them.
All reports sent by browsers (all modern browsers do that) related to rules violation can be logged in and reviewed later.
And more features
Plugin supports XSS Protection header with reports log, more security headers and it has additional tools.
You can enable the XSS Protection header, and enable reports log for XSS related violations (only from Chrome).
Plugin also supports more headers: Content Control, Strict Transport Security, Referrer Policy and Frame Options.
All plugin settings can be exported and imported, reports logs cleaned, and all plugin settings removed.
Knowledge Base and Support
If you need help with the plugin or to report problems, use support forums.Support Forum
Plugin's basic language is English. The plugin is translation ready, with empty POT file with all the string included in the plugin directory.
The plugin translations are available from WordPress.org repository, and you can contribute translations for your language there.
It is possible that plugin has some minor spelling issues, mistypes words and other issues. Please, report any problems you find, and they will be fixed, and POT file updated when needed.Translations on WordPress.org
All Dev4Press free and lite plugins have WordPress standard PO/MO translation system implemented, making it easy to translate into any language. Depending on the plugin, translations can be split into two or more files for easier translation handling.
All our plugins are compatible with all popular internet browsers. This includes Google Chrome, Mozilla Firefox, Apple Safari, Opera, and Microsoft Edge, all tested across different operating systems and desktop and mobile devices.
Secure and Clean Code
All Dev4Press premium plugins are coded using best coding practices, with code tested for all potential security problems. We are constantly working on maintaining full WordPress compatibility and the highest level of security for all our products.