Check your WordPress website for headers that are common for security purposes.

runthis/site-security-headers

Wordpress Site Security Headers

This is a WordPress plugin that checks your WordPress website for common security-related HTTP headers. The plugin is opinionated, and its expectations will not apply directly to every situation, so it is best to analyze each application individually to determine your own best path forward.

| Header name | Expects |
| --- | --- |
| strict-transport-security | max-age >= 31536000 |
| referrer-policy | no-referrer, no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin |
| permissions-policy | Just expects this to exist in some way |
| content-security-policy | Minimum of: default-src 'none' |
| x-frame-options | deny, sameorigin, allow-from |
| x-content-type-options | nosniff |
| x-xss-protection | 0, 1 (informs you that it is deprecated and recommends CSP) |
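
The expectations in the table above, written as a standalone check over a set of response headers. This is an added example, not the plugin's own code: `check_headers`, `RULES` and the sample headers are constructed for illustration, and the reading of the CSP row (a `default-src` directive whose only source is `'none'`) and of the Referrer-Policy row (every comma-separated value must be listed) is an assumption.

```python
import re

REFERRER_OK = {"no-referrer", "no-referrer-when-downgrade", "origin",
               "origin-when-cross-origin", "same-origin", "strict-origin",
               "strict-origin-when-cross-origin"}

def _hsts(v):
    # max-age must be present and at least 31536000 seconds (one year)
    m = re.search(r'(?:^|;)\s*max-age\s*=\s*"?(\d+)', v, re.I)
    return bool(m) and int(m.group(1)) >= 31536000

def _csp(v):
    # Assumed reading of "Minimum of: default-src 'none'": a default-src
    # directive is present and its only source is 'none'
    for directive in v.split(";"):
        parts = directive.lower().split()
        if parts and parts[0] == "default-src":
            return parts[1:] == ["'none'"]
    return False

RULES = {
    "strict-transport-security": _hsts,
    # Assumption: every comma-separated fallback must be an accepted value
    "referrer-policy": lambda v: all(t.strip().lower() in REFERRER_OK
                                     for t in v.split(",")),
    "permissions-policy": lambda v: True,  # only has to exist
    "content-security-policy": _csp,
    "x-frame-options": lambda v: (v.lower().split() or [""])[0]
                                 in {"deny", "sameorigin", "allow-from"},
    "x-content-type-options": lambda v: v.strip().lower() == "nosniff",
    # 0 or 1 is accepted; the header itself is deprecated in favour of CSP
    "x-xss-protection": lambda v: v.split(";")[0].strip() in {"0", "1"},
}

def check_headers(headers):
    """Map each header in the table to 'pass', 'fail' or 'missing'."""
    got = {k.lower(): v for k, v in headers.items()}
    return {name: "missing" if name not in got
            else "pass" if rule(got[name]) else "fail"
            for name, rule in RULES.items()}

# Constructed sample response headers (not from a real site)
SAMPLE = {
    "Strict-Transport-Security": "max-age=15552000; includeSubDomains",
    "Referrer-Policy": "strict-origin-when-cross-origin",
    "Content-Security-Policy": "default-src 'self'; img-src *",
    "X-Frame-Options": "SAMEORIGIN",
    "X-Content-Type-Options": "nosniff",
    "X-XSS-Protection": "1; mode=block",
}
```

Calling `check_headers(SAMPLE)` flags the 180-day HSTS lifetime and the `default-src 'self'` policy as failures and reports `permissions-policy` as missing.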
