{"id":413556,"date":"2024-11-01T08:00:00","date_gmt":"2024-11-01T08:00:00","guid":{"rendered":"https:\/\/www.weixiaoduo.com\/plugins\/security-header\/"},"modified":"2025-04-29T16:25:00","modified_gmt":"2025-04-29T16:25:00","slug":"security-header","status":"publish","type":"post","link":"https:\/\/www.weixiaoduo.com\/plugins\/security-header\/","title":{"rendered":"HTTP Security Header"},"content":{"rendered":"<p><strong>HTTP Security Header<\/strong> helps protect your WordPress site by adding critical HTTP headers to each response \u2014 with no code required. These headers provide additional layers of protection against attacks such as cross-site scripting (XSS), clickjacking, content injection, and resource leaks.<\/p>\n<p>This plugin offers a modern, responsive admin dashboard with validation, fallback safety, and full control over each header\u2019s default or custom value.<\/p>\n<p><strong>Features Include:<\/strong><br \/>\n\u2013 Visual toggles for enabling\/disabling headers<br \/>\n\u2013 Option to use <strong>default or custom header values<\/strong><br \/>\n\u2013 Secure fallback if a header is misconfigured<br \/>\n\u2013 Integrated <strong>header validation<\/strong><br \/>\n\u2013 Support for all major browser-supported headers<br \/>\n\u2013 Nonce-based saving and admin notices<br \/>\n\u2013 WP Multisite compatible<br \/>\n\u2013 \u201cDisable All\u201d and \u201cReset to Important Headers\u201d actions<br \/>\n\u2013 Per-header input validation with real-time error fallback<\/p>\n<p><strong>Supported Headers:<\/strong><br \/>\n* Strict-Transport-Security (HSTS)<br \/>\n* X-Frame-Options<br \/>\n* X-Content-Type-Options<br \/>\n* Referrer-Policy<br \/>\n* Content-Security-Policy<br \/>\n* Permissions-Policy<br \/>\n* X-XSS-Protection<br \/>\n* X-Permitted-Cross-Domain-Policies<br \/>\n* Expect-CT<br \/>\n* Cross-Origin-Opener-Policy (COOP)<br \/>\n* Cross-Origin-Resource-Policy (CORP)<br \/>\n* Cross-Origin-Embedder-Policy (COEP)<\/p>\n<h3>Features<\/h3>\n<ul>\n<li>Lightweight and performance-focused<\/li>\n<li>No front-end impact<\/li>\n<li>Choose default or custom header values<\/li>\n<li>Secure validation and auto-fallbacks<\/li>\n<li>Seamless plugin compatibility (e.g. WP Rocket)<\/li>\n<li>Fully translation-ready and i18n-compliant<\/li>\n<li>Nonce-protected admin save actions<\/li>\n<li>Optional reset-to-defaults support<\/li>\n<li>Reset or disable all headers with one click<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Add and manage essential HTTP security headers with ease. Protect your WordPress site from XSS, clickjacking, and other common vulnerabilities.<\/p>\n","protected":false},"author":65,"featured_media":413557,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"slim_seo":{"title":"HTTP Security Header - \u8587\u6653\u6735\u63d2\u4ef6\u76ee\u5f55","description":"Add and manage essential HTTP security headers with ease. Protect your WordPress site from XSS, clickjacking, and other common vulnerabilities."},"footnotes":""},"categories":[1],"tags":[17951,14456,58680,904,5408],"class_list":["post-413556","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-clickjacking","tag-content-security-policy","tag-http-security","tag-security-headers","tag-wordpress-security"],"_links":{"self":[{"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/posts\/413556","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/users\/65"}],"replies":[{"embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/comments?post=413556"}],"version-history":[{"count":0,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/posts\/413556\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/media\/413557"}],"wp:attachment":[{"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/media?parent=413556"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/categories?post=413556"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/tags?post=413556"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}