Better Headers

Description

This plugin does not make any changes to your server configuration, such as the .htaccess file, but instead sends the headers as part of the WordPress page response. The reason for this is that many of them are not valid for assets such as stylesheets and images, but are sent anyway if the server configuration method is used.

Unlike many security plugins, these headers are also sent for your admin panel, where security is arguably the most important.

Headers that can be set include…
* Feature-Policy
* Referrer-Policy
* Strict-Transport-Security
* X-Frame-Options
* X-Content-Type-Options
* X-XSS-Protection
* X-Permitted-Cross-Domain-Policies
* Expect-CT

Contributors & Developers

“Better Headers” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Better Headers” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.