Linux 软件免费装
Banner图

Security Header Generator

开发者 kevp75
更新时间 2025年5月30日 19:31
捐献地址: 去捐款
PHP版本: 8.1 及以上
WordPress版本: 6.9
版权: GPLv3
版权网址: 版权信息

标签

security permissions content security policy security headers permissions policy

下载

3.0.68 3.9.77 5.2.03 1.3.14 1.4.09 1.6.09 1.6.10 1.7.02 2.0.08 3.6.33 1.3.13 1.9.23 1.9.27 1.9.17 1.9.18 3.0.10 1.4.11 1.5.22 1.7.03 1.8.11 1.8.14 1.8.23 1.9.11 1.9.43 1.9.44 1.9.47 1.9.51 2.0.97 2.1.09 2.1.11 2.2.13 2.2.15 5.2.99 5.2.99.1 5.3.01 3.0.09 3.0.77 3.3.01 3.6.02 3.6.11 2.0.36 3.6.22 3.4.28 4.0.01 4.1.22 4.6.01 4.1.23 5.1.29 3.2.34 3.2.37 3.4.27 3.6.44 3.6.79 3.7.23 3.8.01 3.2.33 3.5.17 3.6.46 3.8.14 3.9.01 3.9.12 5.1.31

详情介绍:

This plugin generates the proper security HTTP response headers, attempts to generate a valid Content Security Policy, and sets browser permissions if configured.

安装:

  1. Download the plugin, unzip it, and upload to your sites /wp-content/plugins/ directory
  2. You can also upload it directly to your Plugins admin
  3. Activate the plugin through the 'Plugins' menu in WordPress

屏幕截图:

  • Content Security Policy Settings
  • Permissions Settings
  • Documentation
  • Import/Export Settings
  • Headers Set

常见问题:

Why do I need this plugin?

It is a simplified way to set security headings for your website which will help mitigate attacks.

What is a Content Security Policy?

A Content Security Policy is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks.

How can I configure my Content Security Policy?

This is where it gets complicated. You will need to browser your website and track all external resources and types. For an example, we have included WordPress defaults. Once you have done this initial tracking you can add the sources in the plugins Content Security Policy sources, and hit the 'Save' button. Once you have initially configured it, I would recommend repeating the process above as many times as it takes to gather all of them. It can take quite a number of times to accomplish this, some external resources like iframes, scripts, and even stylesheets can pull in their own external items that will not show until the parent items are included.

How can I ensure all requests are sent via https?

In the Standard Security Header tab in the plugin settings, turn on the "upgrade insecure requests" and hit 'Save'.

Is there any documentation?

Sure is, in the plugin settings, look for the Documentation tab.

Can I backup the settings?

Sure can. In the plugin settings, look for the Export/Import Settings tab.

What if I need support?

You can reach out at the plugins page in the WordPress.org plugin respository.

What kind of support will you give me once I have this installed?

Please understand, I cannot generate the proper headers for you through the wordpress.org support due to the amount of time it could take to do it along with the access I would need. However, I can be contacted here: https://kevp.us/contact and we can discuss it.

更新日志:

5.3.01 5.2.99.1 5.2.99 5.2.03 5.1.31 5.1.29 5.0.11 4.6.01 4.1.22 4.0.01 3.9.77 3.9.12 3.9.01 3.8.14 3.8.01 3.7.23 3.6.79 3.6.46 3.6.44 3.6.33 3.6.22 3.6.11 3.6.02 3.5.17 3.4.28 3.4.27 3.3.01 3.2.37 3.2.34 3.2.33 3.1.02 3.0.77 3.0.68 3.0.10 3.0.09