An easy-to-config WordPress plugin that allows you to secure HTTP headers and add cookie flags you prefer. Supports both Nginx and Apache.
How to use it:
1. Install and activate the Secure HTTP Headers plugin.
2. Go to the settings page and choose your server: either Apache or Nginx.
3. Choose headers you want to secure:
- Strict-Transport-Security
- Expect-CT
- Cross-Origin-Resource-Policy
- Referrer-Policy
- Cross-Origin-Embedder-Policy
- Cross-Origin-Opener-Policy
- Clear-Site-Data
- X-Download-Options
- X-Frame-Options
- X-Content-Type-Options
- Access-Control-Allow-Origin
- Permissions-Policy
- X-Permitted-Cross-Domain-Policies
4. Choose cookie flags you want to add:
- Cookie Secure flag
- Cookie HttpOnly flag
- Cookie Samesite Lax flag
5. Choose directives you want to allow:
- autoplay
- camera
- document-domain
- encrypted-media
- fullscreen
- geolocation
- microphone
- midi
- payment
- publickey-credentials-get
- usb
- xr-spatial-tracking
Download WordPress Plugin:
You can download this free WordPress plugin using the download button below. Unless otherwise stated, the WordPress plugin is available under GNU General Public License.
Author: MagniSec
Homepage: https://wordpress.org/plugins/secure-http-headers/
Don’t forget to share this WordPress plugin and also check out other awesome plugins on our site.