Secure HTTP Headers

Secure HTTP Headers

Wordpress plugin

Install on Wordpress

App Details

Harden your web applications.

HTTP header fields are components of the header section of request and response messages. The headers define the operating parameters of an HTTP transaction.

Securing HTTP headers will improve the resilience of your web application against many common attacks including those that are on the OWASP top 10 list.

Securing headers can also improve your SEO rank and in addition to preventing websites from being marked as dangerous by browsers and antivirus applications.

Protect sensitive user information and be compliant with privacy regulations. Defend users from stealing private data by protecting website cookies. Use the proper directive such as “secure”, “httponly” and “samesite”, all of those will be applied automatically by “Secure HTTP Headers” plugin.

Secure HTTP Headers will automatically analyze any website and will build up secure headers directives, by the latest best practice.

In addition, Secure HTTP Headers offers fully configurable options, apply or skip any header directive as needed.

Install and activate Secure HTTP Headers with full confidence, the deactivation of this plugin will return your website header directives to their original state.

Main plugin functionality

  1. HTTP Strict Transport Security – helps to protect websites against man-in-the-middle attacks and cookie hijacking

  2. X-Frame-Options – helps to protect users against ClickJacking attacks

  3. X-Content-Type-Options – helps to prevent the browser from MIME-sniffing

  4. Referrer-Policy – helps to control how much referrer information should be included with requests

  5. Clear-Site-Data – helps to ensure that data is deleted from the browser if the user logs out

  6. X-Download-Options – helps to control how IE 8 will handle downloaded HTML files

  7. Access-Control-Allow-Origin – helps to ensure whether the response can be shared with requesting code from the given origin

  8. Cross-Origin-Embedder-Policy – helps to prevent a document from loading any cross-origin resources that don’t explicitly grant the document permission

  9. Permissions-Policy – helps to allow and deny the use of browser features in its own frame, and in content within any iframe elements in the document

  10. Cross-Origin-Opener-Policy – helps to protect websites against a set of cross-origin attacks dubbed XS-Leaks

  11. Cross-Origin-Resource-Policy – helps to protect websites against speculative side-channel attacks, like Spectre, as well as Cross-Site Script Inclusion attacks

  12. X-Permitted-Cross-Domain-Policies – helps to control how cross-domain requests from Flash and PDF documents are handled

  13. Cookie Http-Only flag – helps to protect websites against Cross-Site Scripting, or XSS attacks

  14. Cookie Secure flag – helps to ensure that cookie is sent over a secure connection

  15. Cookie Samesite Lax flag – helps to protect websites against CSRF and XSSI attacks

  16. Expect-CT – helps to prevent the use of misissued certificates for a website. Note: The Expect-CT will likely become obsolete in June 2021

What are the optional extras?

Magnisec is offering “Secure HTTP Headers enhanced”

A plugin that contains, in addition, an engine that watches and builds in any website changes a CSP – Content Security Policy that is best practice and recommended by all professional securities experts, that mitigate XSS -Cross site Scripting, one of the most common and destructive attacks.

Price: 50$ /year for a domain.

More details and installation here

Pricing

Starting from $0 per month.

Check Out the Social Share Buttons Widget

By Common Ninja

Social Share ButtonsTry For Free!

App Info

Rating

Reviewers

2 reviews

Tags

cookies
hardening
headers
security

Developed By

shasha310

Quick & Easy

Find the Best Wordpress plugins for you

Common Ninja has a large selection of powerful Wordpress plugins that are easy to use, fully customizable, mobile-friendly and rich with features — so be sure to check them out!

Testimonial

Testimonial plugins for Wordpress

Galleries

Galleries plugins for Wordpress

SEO

SEO plugins for Wordpress

Contact Form

Contact Form plugins for Wordpress

Forms

Forms plugins for Wordpress

Social Feeds

Social Feeds plugins for Wordpress

Social Sharing

Social Sharing plugins for Wordpress

Events Calendar

Events Calendar plugins for Wordpress

Sliders

Sliders plugins for Wordpress

Analytics

Analytics plugins for Wordpress

Reviews

Reviews plugins for Wordpress

Comments

Comments plugins for Wordpress

Portfolio

Portfolio plugins for Wordpress

Maps

Maps plugins for Wordpress

Security

Security plugins for Wordpress

Translation

Translation plugins for Wordpress

Ads

Ads plugins for Wordpress

Video Player

Video Player plugins for Wordpress

Music Player

Music Player plugins for Wordpress

Backup

Backup plugins for Wordpress

Privacy

Privacy plugins for Wordpress

Optimize

Optimize plugins for Wordpress

Chat

Chat plugins for Wordpress

Countdown

Countdown plugins for Wordpress

Email Marketing

Email Marketing plugins for Wordpress

Tabs

Tabs plugins for Wordpress

Membership

Membership plugins for Wordpress

popup

popup plugins for Wordpress

SiteMap

SiteMap plugins for Wordpress

Payment

Payment plugins for Wordpress

Coming Soon

Coming Soon plugins for Wordpress

Ecommerce

Ecommerce plugins for Wordpress

Customer Support

Customer Support plugins for Wordpress

Inventory

Inventory plugins for Wordpress

Video Player

Video Player plugins for Wordpress

Testimonials

Testimonials plugins for Wordpress

Tabs

Tabs plugins for Wordpress

Social Sharing

Social Sharing plugins for Wordpress

Social Feeds

Social Feeds plugins for Wordpress

Slider

Slider plugins for Wordpress

Reviews

Reviews plugins for Wordpress

Portfolio

Portfolio plugins for Wordpress

Membership

Membership plugins for Wordpress

Forms

Forms plugins for Wordpress

Events Calendar

Events Calendar plugins for Wordpress

Contact

Contact plugins for Wordpress

Comments

Comments plugins for Wordpress

Analytics

Analytics plugins for Wordpress

Common Ninja Apps

Some of the best Common Ninja plugins for Wordpress

Browse our extensive collection of compatible plugins, and easily embed them on any website, blog, online store, e-commerce platform, or site builder.

Social Share Buttons for Wordpress logo

Social Share Buttons

Add social share buttons so visitors share content to major networks, boost engagement, and drive more referral traffic.

Lottie Player for Wordpress logo

Lottie Player

Use a Lottie player to embed lightweight JSON animations that improve visual design, keep pages fast, and create a smoother user experience.

March Madness Bracket Maker for Wordpress logo

March Madness Bracket Maker

Create interactive March Madness brackets where users can make predictions, track tournament progress, and compete with others throughout every round.

Social Proof for Wordpress logo

Social Proof

Show social proof that displays real user activity to build trust instantly, boost credibility, and help increase conversions across your site.

Corner Coupon Pop-up for Wordpress logo

Corner Coupon Pop-up

Add a corner coupon pop-up to highlight discounts, collect emails, and drive user engagement without interrupting browsing.

World Clock for Wordpress logo

World Clock

Display multiple time zones with a world clock widget that offers clear global times, customizable styles, and a responsive design for better user experience.

Glassdoor Reviews for Wordpress logo

Glassdoor Reviews

Show Glassdoor reviews to highlight employee feedback, strengthen employer brand, and help candidates trust your company.

Facebook Reviews for Wordpress logo

Facebook Reviews

Show Facebook reviews to build trust, improve credibility, and help visitors make confident purchase decisions that support higher sales.

Cookie Banner for Wordpress logo

Cookie Banner

Use a Cookie Banner to inform visitors about cookies on your site and let them manage their consent in a clear, structured way.

Size Chart for Wordpress logo

Size Chart

Add a flexible size chart with visual guides and category tabs to help users choose accurate measurements while shopping.

Image Carousel for Wordpress logo

Image Carousel

Showcase images with an image carousel that rotates or slides visuals, improves design, and draws attention to key content.

TikTok Feed for Wordpress logo

TikTok Feed

Show your latest TikTok videos in a live feed that keeps content fresh, builds social proof, and keeps visitors engaged.

More plugins

plugins You Might Like

Discover Apps By Platform

Discover the best apps for your website

WordPress
Wix
Shopify
Weebly
Webflow
Joomla
PrestaShop
Shift4Shop
WebsiteX5
MODX
Opencart
NopCommerce

Common Ninja Search Engine

The Common Ninja Search Engine platform helps website builders find the best site widgets, apps, plugins, tools, add-ons, and extensions! Compatible with all major website building platforms - big or small - and updated regularly, our Search Engine tool provides you with the business tools your site needs!

Multiple platforms