Secure HTTP Headers

Secure HTTP Headers

Wordpress plugin

Install on Wordpress

App Details

Harden your web applications.

HTTP header fields are components of the header section of request and response messages. The headers define the operating parameters of an HTTP transaction.

Securing HTTP headers will improve the resilience of your web application against many common attacks including those that are on the OWASP top 10 list.

Securing headers can also improve your SEO rank and in addition to preventing websites from being marked as dangerous by browsers and antivirus applications.

Protect sensitive user information and be compliant with privacy regulations. Defend users from stealing private data by protecting website cookies. Use the proper directive such as “secure”, “httponly” and “samesite”, all of those will be applied automatically by “Secure HTTP Headers” plugin.

Secure HTTP Headers will automatically analyze any website and will build up secure headers directives, by the latest best practice.

In addition, Secure HTTP Headers offers fully configurable options, apply or skip any header directive as needed.

Install and activate Secure HTTP Headers with full confidence, the deactivation of this plugin will return your website header directives to their original state.

Main plugin functionality

  1. HTTP Strict Transport Security – helps to protect websites against man-in-the-middle attacks and cookie hijacking

  2. X-Frame-Options – helps to protect users against ClickJacking attacks

  3. X-Content-Type-Options – helps to prevent the browser from MIME-sniffing

  4. Referrer-Policy – helps to control how much referrer information should be included with requests

  5. Clear-Site-Data – helps to ensure that data is deleted from the browser if the user logs out

  6. X-Download-Options – helps to control how IE 8 will handle downloaded HTML files

  7. Access-Control-Allow-Origin – helps to ensure whether the response can be shared with requesting code from the given origin

  8. Cross-Origin-Embedder-Policy – helps to prevent a document from loading any cross-origin resources that don’t explicitly grant the document permission

  9. Permissions-Policy – helps to allow and deny the use of browser features in its own frame, and in content within any iframe elements in the document

  10. Cross-Origin-Opener-Policy – helps to protect websites against a set of cross-origin attacks dubbed XS-Leaks

  11. Cross-Origin-Resource-Policy – helps to protect websites against speculative side-channel attacks, like Spectre, as well as Cross-Site Script Inclusion attacks

  12. X-Permitted-Cross-Domain-Policies – helps to control how cross-domain requests from Flash and PDF documents are handled

  13. Cookie Http-Only flag – helps to protect websites against Cross-Site Scripting, or XSS attacks

  14. Cookie Secure flag – helps to ensure that cookie is sent over a secure connection

  15. Cookie Samesite Lax flag – helps to protect websites against CSRF and XSSI attacks

  16. Expect-CT – helps to prevent the use of misissued certificates for a website. Note: The Expect-CT will likely become obsolete in June 2021

What are the optional extras?

Magnisec is offering “Secure HTTP Headers enhanced”

A plugin that contains, in addition, an engine that watches and builds in any website changes a CSP – Content Security Policy that is best practice and recommended by all professional securities experts, that mitigate XSS -Cross site Scripting, one of the most common and destructive attacks.

Price: 50$ /year for a domain.

More details and installation here

Pricing

Starting from $0 per month.

Check Out the YouTube Carousel Widget

By Common Ninja

YouTube CarouselTry For Free!

App Info

Rating

Reviewers

2 reviews

Tags

cookies
hardening
headers
security

Developed By

shasha310

Quick & Easy

Find the Best Wordpress plugins for you

Common Ninja has a large selection of powerful Wordpress plugins that are easy to use, fully customizable, mobile-friendly and rich with features — so be sure to check them out!

Testimonial

Testimonial plugins for Wordpress

Contact Form

Contact Form plugins for Wordpress

Maps

Maps plugins for Wordpress

Translation

Translation plugins for Wordpress

Chat

Chat plugins for Wordpress

Slider

Slider plugins for Wordpress

Reviews

Reviews plugins for Wordpress

Contact

Contact plugins for Wordpress

Galleries

Galleries plugins for Wordpress

SEO

SEO plugins for Wordpress

Forms

Forms plugins for Wordpress

Comments

Comments plugins for Wordpress

Backup

Backup plugins for Wordpress

Privacy

Privacy plugins for Wordpress

Optimize

Optimize plugins for Wordpress

Tabs

Tabs plugins for Wordpress

Social Sharing

Social Sharing plugins for Wordpress

Events Calendar

Events Calendar plugins for Wordpress

Comments

Comments plugins for Wordpress

Social Feeds

Social Feeds plugins for Wordpress

Social Sharing

Social Sharing plugins for Wordpress

Portfolio

Portfolio plugins for Wordpress

Video Player

Video Player plugins for Wordpress

popup

popup plugins for Wordpress

SiteMap

SiteMap plugins for Wordpress

Payment

Payment plugins for Wordpress

Coming Soon

Coming Soon plugins for Wordpress

Inventory

Inventory plugins for Wordpress

Testimonials

Testimonials plugins for Wordpress

Portfolio

Portfolio plugins for Wordpress

Membership

Membership plugins for Wordpress

Forms

Forms plugins for Wordpress

Analytics

Analytics plugins for Wordpress

Events Calendar

Events Calendar plugins for Wordpress

Sliders

Sliders plugins for Wordpress

Analytics

Analytics plugins for Wordpress

Reviews

Reviews plugins for Wordpress

Security

Security plugins for Wordpress

Ads

Ads plugins for Wordpress

Music Player

Music Player plugins for Wordpress

Countdown

Countdown plugins for Wordpress

Email Marketing

Email Marketing plugins for Wordpress

Membership

Membership plugins for Wordpress

Ecommerce

Ecommerce plugins for Wordpress

Customer Support

Customer Support plugins for Wordpress

Video Player

Video Player plugins for Wordpress

Tabs

Tabs plugins for Wordpress

Social Feeds

Social Feeds plugins for Wordpress

Common Ninja Apps

Some of the best Common Ninja plugins for Wordpress

Browse our extensive collection of compatible plugins, and easily embed them on any website, blog, online store, e-commerce platform, or site builder.

YouTube Carousel for Wordpress logo

YouTube Carousel

Show YouTube videos with a YouTube carousel that displays clips in a smooth, customizable layout to boost visibility and keep visitors engaged.

All in One Reviews for Wordpress logo

All in One Reviews

Display and manage customer reviews from multiple platforms in one place to build trust and highlight brand credibility.

AI Chatbot for Wordpress logo

AI Chatbot

Add an AI chatbot that answers user questions by crawling your site, using uploaded content, and collecting chat interactions.

Right Click Protection for Wordpress logo

Right Click Protection

Use right click protection to prevent copying by disabling right click actions, protecting your content and reducing unauthorized reuse on your site.

Tilted Image for Wordpress logo

Tilted Image

Use tilted image effects to rotate visuals, add creative style, and keep visitors engaged with dynamic images on your site.

App Store Reviews for Wordpress logo

App Store Reviews

Show Apple App Store reviews to build trust, strengthen credibility, and help visitors make confident download decisions that support app growth.

Audio Player for Wordpress logo

Audio Player

Add a no-code audio player to your site and boost engagement with music, podcasts, and voice content effortlessly.

Tripadvisor Reviews for Wordpress logo

Tripadvisor Reviews

Show Tripadvisor reviews to build trust, improve credibility, and help visitors make confident booking decisions that support higher property sales.

Collapsible Content for Wordpress logo

Collapsible Content

Use Collapsible Content sections to structure information on your site and make it easier for visitors to find what they need.

Cookie Banner for Wordpress logo

Cookie Banner

Use a Cookie Banner to inform visitors about cookies on your site and let them manage their consent in a clear, structured way.

Reviews Badge for Wordpress logo

Reviews Badge

Use a reviews badge to highlight your ratings, build trust at a glance, improve credibility, and help increase conversions across your site.

MP3 Player for Wordpress logo

MP3 Player

Add an MP3 Player to your website and engage visitors with music, podcasts, and spoken audio without any setup complexity.

More plugins

plugins You Might Like

Discover Apps By Platform

Discover the best apps for your website

WordPress
Wix
Shopify
Weebly
Webflow
Joomla
PrestaShop
Shift4Shop
WebsiteX5
MODX
Opencart
NopCommerce

Common Ninja Search Engine

The Common Ninja Search Engine platform helps website builders find the best site widgets, apps, plugins, tools, add-ons, and extensions! Compatible with all major website building platforms - big or small - and updated regularly, our Search Engine tool provides you with the business tools your site needs!

Multiple platforms