|Last Updated|| ||Ratings|| ||Unique User Downloads|| ||Download Rankings|
|2021-03-19 (21 days ago) ||Not yet rated by the users||Total: 49 This week: 24||All time: 9,981 This week: 10|
This class can send HTTP headers that implement security measures.
It can register a WordPress action function that will be called to set the response HTTP headers that are sent when pages generated by WordPress are served.
The class sets security related headers like:
The class also provides a way to set other headers.
|Nowadays there are several HTTP headers that can be used to protect better Web applications and their users against harm that could be caused by certain types of security attacks.
This class can be used to send those HTTP headers in a WordPress applications. It makes it easier to develop more secure WordPress based sites and plugins.
WP Secure Headers Helper
A simple helper class to manage HTTP Security Headers made available when a website is under any SSL certificate. Unfortunately, many plugins are used to configure SSL, but miss the more elaborated part of it - include secure headers to requests. This class aims to offer a simple interface to set up those - bringing predefined headers adequate for most WP websites, but also enabling the coder to set or alter any header - and that may include customized HTTP headers as well.
As we prefer, this library can be installed using Composer
composer require carloswph/wp-secure-headers.
Alternatively, you can just copy the class inside the
src folder and use it in your plugin or theme.
WPH\Security\Headers inserts secure headers for Wordpress. Having that said, it already comes with some basic headers, which can be seen by using the static method
wPH\Security\Headers::list(). In the future, we intend to build some chained methods to allow configuring in detail two specific headers: Content-Security-Policy and Permissions-Policy. For the moment, both can be added to class instance through the
Using with Composer
require __DIR__ . '/vendor/autoload.php';
$sec_headers = new Headers();
$sec_headers->set('Content-Security-Policy', 'connect-src "self"'); // Add new headers to the class array property.
Methods to setup and configure CSP and Permissions Policy headers
Some cookie managing tools
||Applications that use this package
No pages of applications that use this class were specified.
If you know an application of this package, send a message to the author to add a link here.