
Harden your web applications.
HTTP header fields are components of the header section of request and response messages. The headers define the operating parameters of an HTTP transaction.
Securing HTTP headers will improve the resilience of your web application against many common attacks including those that are on the OWASP top 10 list.
Securing headers can also improve your SEO rank and in addition to preventing websites from being marked as dangerous by browsers and antivirus applications.
Protect sensitive user information and be compliant with privacy regulations. Defend users from stealing private data by protecting website cookies. Use the proper directive such as “secure”, “httponly” and “samesite”, all of those will be applied automatically by “Secure HTTP Headers” plugin.
Secure HTTP Headers will automatically analyze any website and will build up secure headers directives, by the latest best practice.
In addition, Secure HTTP Headers offers fully configurable options, apply or skip any header directive as needed.
Install and activate Secure HTTP Headers with full confidence, the deactivation of this plugin will return your website header directives to their original state.
HTTP Strict Transport Security – helps to protect websites against man-in-the-middle attacks and cookie hijacking
X-Frame-Options – helps to protect users against ClickJacking attacks
X-Content-Type-Options – helps to prevent the browser from MIME-sniffing
Referrer-Policy – helps to control how much referrer information should be included with requests
Clear-Site-Data – helps to ensure that data is deleted from the browser if the user logs out
X-Download-Options – helps to control how IE 8 will handle downloaded HTML files
Access-Control-Allow-Origin – helps to ensure whether the response can be shared with requesting code from the given origin
Cross-Origin-Embedder-Policy – helps to prevent a document from loading any cross-origin resources that don’t explicitly grant the document permission
Permissions-Policy – helps to allow and deny the use of browser features in its own frame, and in content within any iframe elements in the document
Cross-Origin-Opener-Policy – helps to protect websites against a set of cross-origin attacks dubbed XS-Leaks
Cross-Origin-Resource-Policy – helps to protect websites against speculative side-channel attacks, like Spectre, as well as Cross-Site Script Inclusion attacks
X-Permitted-Cross-Domain-Policies – helps to control how cross-domain requests from Flash and PDF documents are handled
Cookie Http-Only flag – helps to protect websites against Cross-Site Scripting, or XSS attacks
Cookie Secure flag – helps to ensure that cookie is sent over a secure connection
Cookie Samesite Lax flag – helps to protect websites against CSRF and XSSI attacks
Expect-CT – helps to prevent the use of misissued certificates for a website. Note: The Expect-CT will likely become obsolete in June 2021
Magnisec is offering “Secure HTTP Headers enhanced”
A plugin that contains, in addition, an engine that watches and builds in any website changes a CSP – Content Security Policy that is best practice and recommended by all professional securities experts, that mitigate XSS -Cross site Scripting, one of the most common and destructive attacks.
Price: 50$ /year for a domain.
More details and installation here
Starting from $0 per month.
Rating
Reviewers
2 reviews
Tags
Developed By
shasha310
Quick & Easy
Common Ninja has a large selection of powerful Wordpress plugins that are easy to use, fully customizable, mobile-friendly and rich with features — so be sure to check them out!
Testimonial plugins for Wordpress
Contact Form plugins for Wordpress
Maps plugins for Wordpress
Translation plugins for Wordpress
Chat plugins for Wordpress
Slider plugins for Wordpress
Reviews plugins for Wordpress
Contact plugins for Wordpress
Galleries plugins for Wordpress
SEO plugins for Wordpress
Forms plugins for Wordpress
Comments plugins for Wordpress
Backup plugins for Wordpress
Privacy plugins for Wordpress
Optimize plugins for Wordpress
Tabs plugins for Wordpress
Social Sharing plugins for Wordpress
Events Calendar plugins for Wordpress
Comments plugins for Wordpress
Social Feeds plugins for Wordpress
Social Sharing plugins for Wordpress
Portfolio plugins for Wordpress
Video Player plugins for Wordpress
popup plugins for Wordpress
SiteMap plugins for Wordpress
Payment plugins for Wordpress
Coming Soon plugins for Wordpress
Inventory plugins for Wordpress
Testimonials plugins for Wordpress
Portfolio plugins for Wordpress
Membership plugins for Wordpress
Forms plugins for Wordpress
Analytics plugins for Wordpress
Events Calendar plugins for Wordpress
Sliders plugins for Wordpress
Analytics plugins for Wordpress
Reviews plugins for Wordpress
Security plugins for Wordpress
Ads plugins for Wordpress
Music Player plugins for Wordpress
Countdown plugins for Wordpress
Email Marketing plugins for Wordpress
Membership plugins for Wordpress
Ecommerce plugins for Wordpress
Customer Support plugins for Wordpress
Video Player plugins for Wordpress
Tabs plugins for Wordpress
Social Feeds plugins for Wordpress
Common Ninja Apps
Browse our extensive collection of compatible plugins, and easily embed them on any website, blog, online store, e-commerce platform, or site builder.
Show YouTube videos with a YouTube carousel that displays clips in a smooth, customizable layout to boost visibility and keep visitors engaged.
Display and manage customer reviews from multiple platforms in one place to build trust and highlight brand credibility.
Add an AI chatbot that answers user questions by crawling your site, using uploaded content, and collecting chat interactions.
Use right click protection to prevent copying by disabling right click actions, protecting your content and reducing unauthorized reuse on your site.
Use tilted image effects to rotate visuals, add creative style, and keep visitors engaged with dynamic images on your site.
Show Apple App Store reviews to build trust, strengthen credibility, and help visitors make confident download decisions that support app growth.
Add a no-code audio player to your site and boost engagement with music, podcasts, and voice content effortlessly.
Show Tripadvisor reviews to build trust, improve credibility, and help visitors make confident booking decisions that support higher property sales.
Use Collapsible Content sections to structure information on your site and make it easier for visitors to find what they need.
Use a Cookie Banner to inform visitors about cookies on your site and let them manage their consent in a clear, structured way.
Use a reviews badge to highlight your ratings, build trust at a glance, improve credibility, and help increase conversions across your site.
Add an MP3 Player to your website and engage visitors with music, podcasts, and spoken audio without any setup complexity.
More plugins
The Common Ninja Search Engine platform helps website builders find the best site widgets, apps, plugins, tools, add-ons, and extensions! Compatible with all major website building platforms - big or small - and updated regularly, our Search Engine tool provides you with the business tools your site needs!
