Title: HTTP headers to improve web site security
Author: Carl
Published: <strong>December 5, 2016</strong>
Last modified: April 6, 2020

---

Search plugins

![](https://s.w.org/plugins/geopattern-icon/http-security.svg)

# http-security

 By [Carl](https://profiles.wordpress.org/carlconrad/)

 * [Details](https://wordpress.org/plugins/http-security/#description)
 * [Reviews](https://wordpress.org/plugins/http-security/#reviews)
 * [Development](https://wordpress.org/plugins/http-security/#developers)

 [Support](https://wordpress.org/support/plugin/http-security/)

## Description

This plugin has been closed as of March 3, 2021 and is not available for download.
Reason: Guideline Violation.

## Reviews

![](https://secure.gravatar.com/avatar/858ca1b5c5d797f31ec6799cd7e633e9600b13eb935a9fba4a3db531b47c17a1?
s=60&d=retro&r=g)

### 󠀁[Perfect !! Very good job …](https://wordpress.org/support/topic/perfect-very-good-job/)󠁿

 [erisal](https://profiles.wordpress.org/erisal/) February 13, 2021

Thank you very much. I’ve A+ in test on webpagetest.org …

![](https://secure.gravatar.com/avatar/bcf4c5d24ea6f9b86a002562ac84e1143fd7adc29f069501d997f771837f4cca?
s=60&d=retro&r=g)

### 󠀁[Works GREAT!!](https://wordpress.org/support/topic/works-great-7455/)󠁿

 [nityia](https://profiles.wordpress.org/nityia/) February 6, 2021

This plugin solved security issues in the header – works very well!

![](https://secure.gravatar.com/avatar/0eb8093f274422a4f61cda98d6d7859f3745624b30ac7a0ee5ddd6b4accd12ce?
s=60&d=retro&r=g)

### 󠀁[Easy to use when you know what’s what](https://wordpress.org/support/topic/easy-to-use-when-you-know-whats-what/)󠁿

 [maxoud](https://profiles.wordpress.org/maxoud/) February 4, 2021

Up to the v. 2.5.6 there is the only neglect: in summer 2020 Feature-Policy header
has been renamed to Permissions-Policy. I hope it will be fixed with the next plugin
update.

![](https://secure.gravatar.com/avatar/d82072fd7320e701fbf01b98a619168cb5edd27d67a0eddc37145dd7ba8dae34?
s=60&d=retro&r=g)

### 󠀁[Great plugin, easy and effective](https://wordpress.org/support/topic/great-plugin-easy-and-effective-2/)󠁿

 [redkite](https://profiles.wordpress.org/redkite/) September 26, 2020

I’ve learned a lot about Content Security Policy in the last 2 days. This is a good
plugin for managing HTTP headers for security improvements.

![](https://secure.gravatar.com/avatar/ab30531be40352f48ae0c2edfe5b2e67fefa1b51b39a8cfc0b3358892a7a2e7c?
s=60&d=retro&r=g)

### 󠀁[Easy to configure and delivers](https://wordpress.org/support/topic/easy-to-configure-and-delivers/)󠁿

 [Lance](https://profiles.wordpress.org/lancernz/) August 30, 2020

This has been a very useful plugin at shoring up HSTS. Make sure you test your site
at each step to ensure the very policy you are implementing doesn’t block needed
content. Once you’ve got the hang of how it works it is easy to setup and configure.

![](https://secure.gravatar.com/avatar/e3dd93c96fe53acc5f8e304261f9962f2615162bdb82c7e6e5a35496e469b7be?
s=60&d=retro&r=g)

### 󠀁[Easy to set up with a bit of research](https://wordpress.org/support/topic/easy-to-set-up-with-a-bit-of-research/)󠁿

 [alexis888](https://profiles.wordpress.org/alexis888/) April 8, 2020 2 replies

As a rookie regarding WordPress security I was pretty lost about HTTP Security headers
until I found this pluging. So far it seems to be working great for me, even though
I had to do some extra research to set up the Content Security Policy and Feature
Policy thanks to these links (even if they are a bit old). Maybe you could add them(
or similar ressources) as references to create a CSP / feature policy for beginners
like me ? Thanks Carl for the great plugin and keep up the good work !

 [ Read all 18 reviews ](https://wordpress.org/support/plugin/http-security/reviews/)

## Contributors & Developers

“HTTP headers to improve web site security” is open source software. The following
people have contributed to this plugin.

Contributors

 *   [ Carl ](https://profiles.wordpress.org/carlconrad/)

“HTTP headers to improve web site security” has been translated into 8 locales. 
Thank you to [the translators](https://translate.wordpress.org/projects/wp-plugins/http-security/contributors)
for their contributions.

[Translate “HTTP headers to improve web site security” into your language.](https://translate.wordpress.org/projects/wp-plugins/http-security)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/http-security/), check
out the [SVN repository](https://plugins.svn.wordpress.org/http-security/), or subscribe
to the [development log](https://plugins.trac.wordpress.org/log/http-security/) 
by [RSS](https://plugins.trac.wordpress.org/log/http-security/?limit=100&mode=stop_on_copy&format=rss).

## Meta

 *  Version **2.5.6**
 *  Last updated **6 years ago**
 *  Active installations **N/A**
 *  WordPress version ** 4.6 or higher **
 *  Tested up to **5.4.19**
 *  Languages
 * [Czech](https://cs.wordpress.org/plugins/http-security/), [English (Australia)](https://en-au.wordpress.org/plugins/http-security/),
   [English (Canada)](https://en-ca.wordpress.org/plugins/http-security/), [English (New Zealand)](https://en-nz.wordpress.org/plugins/http-security/),
   [English (South Africa)](https://en-za.wordpress.org/plugins/http-security/),
   [English (UK)](https://en-gb.wordpress.org/plugins/http-security/), [English (US)](https://wordpress.org/plugins/http-security/),
   [French (France)](https://fr.wordpress.org/plugins/http-security/), and [German](https://de.wordpress.org/plugins/http-security/).
 *  [Translate into your language](https://translate.wordpress.org/projects/wp-plugins/http-security)
 *  [Advanced View](https://wordpress.org/plugins/http-security/advanced/)