GD Security Headers

An easy way to add HTTP security headers to WordPress

Configure various security related HTTP headers, including Content Security Policy, Referrer Policy and more. All headers can be added to .HTACCESS file.

Free Plugin Download
Plugin First Released
5 years, 2 months ago
Basic Requirements
PHP: 7.0
WordPress: 4.9
WordPress Multisite
Individual network websites

Security related HTTP Headers

The plugin allows you to add various security related HTTP headers, directly to the page or into .HTACCESS file with tools to log browser violation reports.

Plugin dashboard shows status of all supported security headers, with the recommendations of what should be in use.

Log with all CSP and XXP reports send by browsers whenever the set security rules were violated on the users end.

All security headers can be added into the Apache server .HTACCESS file to be applied to all requests coming to the website.

Content Security Policy

The most important header added by the plugin is the CSP or Content Security Policy. It has option for predefined rules, report logging and settings for all individual rules.

For each CSP elements you can define list of rules or domains to allow. Some general rules can be enabled automatically.

If you use Google services like Adsense, Analytics, Maps, Translate or Fonts, plugin can add rules for them.

All reports sent by browsers (all modern browsers do that) related to rules violation can be logged in and reviewed later.

And more features

Plugin supports XSS Protection header with reports log, more security headers and it has additional tools.

XSS Protection

You can enable the XSS Protection header, and enable reports log for XSS related violations (only from Chrome).

Additional Headers

Plugin also supports more headers: Content Control, Strict Transport Security, Referrer Policy and Frame Options.

Various Tools

All plugin settings can be exported and imported, reports logs cleaned, and all plugin settings removed.

All Dev4Press plugins share these features

Settings Import and Export

Tools to export all plugin settings into file with JSON serialization. You can import settings from that file. This way, you can keep your settings safe or transfer settings between websites.

Dev4Press Library

Dev4Press Shared Library contains code and libraries for implementing unified admin interface, reusable code to speed up plugin development, handle plugin settings and more.

Regular Updates

Regular updates to fix reported bugs, fix any security issues, and enhance and improve every aspect of plugins. And using our Updater plugin, you can update directly from WordPress.

Complete Localization

Using WordPress standard PO/MO translation system, making it easy to translate into any language. Dev4Press includes GlotPress instance to handle translations for all the plugins.

Excellent Support

One of our primary goals is to provide the best support possible. This includes an active support forum and ever-expanding knowledge base to you get all the information you need.

Secure and Clean Code

Made with best coding practices, tested for potential security problems. We are constantly working on maintaining full WordPress compatibility and the highest level of security.

GD Security Headers Blog & Support Resources

Get the latest news and blog posts, access the plugin documentation and support forums.

Discover more Dev4Press plugins