Security Header Generator

বৰ্ণনা

This plugin generates the proper security HTTP response headers, attempts to generate a valid Content Security Policy, and sets browser permissions if configured.

স্ক্ৰীনশ্বট

  • Standard Header Settings
  • Content Security Policy Settings
  • Permissions Settings
  • Documentation
  • Import/Export Settings
  • Headers Set

ইনষ্টলেশ্যন

  1. Download the plugin, unzip it, and upload to your sites /wp-content/plugins/ directory
    1. You can also upload it directly to your Plugins admin
  2. Activate the plugin through the ‘Plugins’ menu in WordPress

সঘনাই উত্থাপিত প্ৰশ্ন

What is a Content Security Policy?

A Content Security Policy is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks.

পৰ্য্যালোচনা

মে’ 15, 2024 1টা প্ৰত্যুত্তৰ
Very satisfied, thank you!
ডিচেম্বৰ 18, 2022 1টা প্ৰত্যুত্তৰ
The plugin does what it promises. Thank you for this work.
ডিচেম্বৰ 18, 2021 1টা প্ৰত্যুত্তৰ
Easy and Fast configuration. Don’t block image and Divi
আটাই 5টা পৰ্য্যালোচনা পঢ়ক

অৱদানকাৰী আৰু বিকাশকাৰীসকল

“Security Header Generator” হৈছে মুক্ত উৎসৰ ছফ্টৱেৰ। এইসকল লোকে এই প্লাগিনত অৱদান আগবঢ়াইছে।

অৱদানকাৰীসকল

আপোনাৰ ভাষাত “Security Header Generator” অনুবাদ কৰক।

বিকাশৰ প্ৰতি আগ্ৰহী?

ক’ড ব্ৰাউজ কৰক, SVN ৰিপজিটৰী চাওক নাইবা RSS-দ্বাৰা বিকাশৰ পঞ্জী ছাবস্ক্ৰাইব কৰক।

সলনি-পঞ্জী

5.2.03

  • Requirements: WP Core: 6.0.9
    • Next version will be incompatible with PHP 7.4
  • Verify: WP Core 6.8 Compatability
  • Verify: PHP 8.4 Compatibility
  • Fix: Field Not Found in settings for Report to
  • Fix: Removed ‘nothing’ for unsafe settings
    • literally did nothing anyways, and wasn’t actually meant for that
    • the keyword ‘none’ should be added to “Source” if it is needed
  • Fix: “apply_child_override” warnings
  • Add: PHP Upgrade Notice for any site under PHP 8.1

5.1.31

  • Fix: Issue where menu would disappear on non-multisite

5.1.29

  • Fix: Some undefined array keys when some settings not set
  • Verify: WP Core 6.7 Compatibility
  • Fix: Defaults for settings.
    • Found headers were being applied after turning off setting that should not have been
  • Clean Up: Versions older than 4

5.0.11

  • Add: sandbox directive for Content Security Policy
    • https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
  • Fix: Application of CSP headers when there is no value set
    • No longer sets the directive if nothing is configured for it.
  • Fix: Some styling in the admin pages
  • Remove: Deprecated CLI methods
  • Update: JS Libraries for settings framework
  • Verified: PHP 8.3 Compatibility

4.6.01

  • Verified: WP Core 6.6 Compatibility
  • Updated: settings fw: Fixed: PHP 8.x deprecated notices.
  • Updated: Documentation
  • Removed: references to implementation to avoid confusion

4.1.22

  • Removed: CLI Generator
  • Verified: WP Core 6.5 Compatibility
  • Add: Apply CSP to REST API
    • Please be aware, once this is switched on it will also be active for the admin area of the site.
    • Hook: wpsh_send_restapi_headers

4.0.01

  • Verified: Core Version 6.4 compliant
  • Remove: navigate-to directive for Content Security Policy
    • Per: https://docs.w3cub.com/http/headers/content-security-policy/navigate-to no longer supported in any browser
  • Add: report-to directive for Content Security Policy
    • https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to
    • Please be aware, this directive currently does nothing in Firefox and Safari
  • Updated: WordPress Defaults. Compliant ONLY with the following:
    • Plugins: Gravity Forms
    • Themes: Twenty Twenty, Twenty Twenty-One, Twenty Twenty-Two, Twenty Twenty-Three
  • Updated: WordPress Core version requirements to 5.6.10