HTTP Headers is a WordPress plugin who gives your control over the HTTP headers returned by your wordpress based blog or website. Helps to protect from XSS, MITM and Clickjacking attacks. Overcomes the limitations of the same-origin policy.
A list of headers supported by current version:
These HTTP headers are being used in production services by popular websites as Facebook, Google+, Twitter, LinkedIn, YouTube, Yahoo, Amazon, Ebay, Paypal, Instagram, Pinterest, Dropbox, Reddit, Netflix, Tumblr, Blogger and many more.
To install HTTP Headers plugin on your WordPress blog, follow these steps:
$ svn co https://plugins.svn.wordpress.org/http-headers/tags/1.7.0/
The image below shows up how the security headers are presented in the server response:
A typical configuration for a website includes these security headers and their corresponding values:
If you intend to support cross-origin resource sharing, consider following:
HTTP Headers for WordPress is licensed under the GPLv2 license or later.
HTTP Headers plugin requires WordPress 3.2 or higher and is compatible up to WordPress 4.8.1.
Along with improving the security of your website, this plugin makes your blog a CORS-compliant. That make it a must-have addition to your WordPress site.
If you have any question about the HTTP Headers for WordPress, leave a comment below. And do not be shy to share this article. Thanks so much for reading!
Join our mailing list and stay tuned! Never miss out news about Zino UI, new releases, or even blog post.