GD Security Headers
An easy way to add HTTP security headers to WordPress
Configure various security related HTTP headers, including Content Security Policy, Referrer Policy and more. All headers can be added to .HTACCESS file.
Free Plugin Download
Plugin First Released
6 years, 9 months agoBasic Requirements
WordPress Multisite
Individual network websitesSecurity related HTTP Headers
The plugin allows you to add various security related HTTP headers, directly to the page or into .HTACCESS file with tools to log browser violation reports.
Plugin dashboard shows status of all supported security headers, with the recommendations of what should be in use.
Log with all CSP and XXP reports send by browsers whenever the set security rules were violated on the users end.
All security headers can be added into the Apache server .HTACCESS file to be applied to all requests coming to the website.
Content Security Policy
The most important header added by the plugin is the CSP or Content Security Policy. It has option for predefined rules, report logging and settings for all individual rules.
For each CSP elements you can define list of rules or domains to allow. Some general rules can be enabled automatically.
If you use Google services like Adsense, Analytics, Maps, Translate or Fonts, plugin can add rules for them.
All reports sent by browsers (all modern browsers do that) related to rules violation can be logged in and reviewed later.
And more features
Plugin supports XSS Protection header with reports log, more security headers and it has additional tools.
XSS Protection
You can enable the XSS Protection header, and enable reports log for XSS related violations (only from Chrome).
Additional Headers
Plugin also supports more headers: Content Control, Strict Transport Security, Referrer Policy and Frame Options.
Various Tools
All plugin settings can be exported and imported, reports logs cleaned, and all plugin settings removed.
All Dev4Press plugins for WordPress share these features
Settings Import and Export
Tools to export all plugin settings into a file with JSON serialization. You can import settings from that file. This way, you can keep your settings safe or transfer settings between websites.
Dev4Press Library
Dev4Press Shared Library contains code and libraries for implementing a unified admin interface, reusable code to speed up plugin development, handle plugin settings, and more.
Regular Updates
Regular updates to fix reported bugs, fix any security issues, and enhance and improve every aspect of plugins. And using our Updater plugin, you can update directly from WordPress.
Complete Localization
WordPress standard PO/MO translation system makes translating into any language easy. Dev4Press includes a GlotPress instance to handle translations for all the plugins.
Excellent Support
One of our primary goals is to provide the best support possible. This includes an active support forum and an ever-expanding knowledge base to help you get all the information you need.
Secure and Clean Code
Made with best coding practices, tested for potential security problems. We are constantly working on maintaining full WordPress compatibility and the highest level of security.
GD Security Headers Blog & Support Resources
Get the latest news and blog posts, access the plugin documentation and support forums.
Discover more WordPress plugins
