Security Header Generator

It is a simplified way to set security headings for your website which will help mitigate attacks.

A Content Security Policy is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks.

This is where it gets complicated. You will need to browser your website and track all external resources and types. For an example, we have included WordPress defaults. Once you have done this initial tracking you can add the sources in the plugins Content Security Policy sources, and hit the ‘Save’ button.

Once you have initially configured it, I would recommend repeating the process above as many times as it takes to gather all of them. It can take quite a number of times to accomplish this, some external resources like iframes, scripts, and even stylesheets can pull in their own external items that will not show until the parent items are included.

In the Standard Security Header tab in the plugin settings, turn on the “upgrade insecure requests” and hit ‘Save’.

Sure is, in the plugin settings, look for the Documentation tab.

Sure can. In the plugin settings, look for the Export/Import Settings tab.

You can reach out at the plugins page in the WordPress.org plugin respository.

Please understand, I cannot generate the proper headers for you through the wordpress.org support due to the amount of time it could take to do it along with the access I would need. However, I can be contacted here: https://kevp.us/contact and we can discuss it.