Blog Post

New Free Plugin: GD Security Headers

GD Security Headers is a brand new plugin available for free on that will help you setup HTTP security headers and receive reports when CSP and XXS Protection directives have been violated.

The plugin includes settings to configure various HTTP security related headers that can help protect the website and the website users from various types of cross site scripting attacks, manipulation of data and external files loaded by the website.

GD Security Headers: Dashboard with the headers and reports overview

All HTTP headers generated by the plugin can be added to each page generated by WordPress and it works with any web server, or, if you use Apache web server, all headers can be saved to HTACCESS file. The plugin currently supports following HTTP headers:

  • Content Security Policy (CSP) – editor for CSP rules, with automatic rules set up for popular Google services (Fonts, Adsense, Maps, Translations, Analytics) and the ability to log in reports from browsers when the policy has been violated
  • XSS Protection (XXP) – with the ability to log in reports from browsers when the policy has been violated
  • Content-Type – No Sniff Policy
  • Strict Transport Security
  • Referrer Policy
  • Frame Options
Example of headers added to .HTACCESS file

And, more security related headers will be added in the future versions. Plugin is available for free on, so check it out:

Let me know what you think about the new plugin, and if you have any questions or suggestions.

Please wait...
GD Security Headers plugin for WordPress
An easy way to add HTTP security headers to WordPress

Configure various security related HTTP headers, including Content Security Policy, Referrer Policy and more. All headers can be added to .HTACCESS file.

About the author

Milan Petrovic
Milan Petrovic

CEO and Lead developer of Dev4Press Web Development company, working with WordPress since 2008, first as a freelancer, later founding own development company. Author of more than 250 plugins and more than 20 themes.

Subscribe to Dev4Press Newsletter

Get the latest announcements, release digests, promotions and exclusive discounts, and general Dev4Press-related news straight into your mailbox.

This form collects your email (optionally your name) for the purpose of sending you newsletters. Check out our Privacy Policy for more information on how we store and manage your data. We will not send you any spam. Newsletters are sent 2 to 4 times every month.

Latest From The Blog

wordpress happy birthday wordpress turns 21

Happy Birthday: WordPress Turns 21

21 years young and still going strong, WordPress powers nearly half of all Internet websites and is the most used CMS by a large margin over the competition, with a very active development cycle, showing no signs of slowing down.
tutorials wordpress debug mode benefits and pitfalls

WordPress Debug mode: Benefits and Pitfalls

Developers know how to best use debug in WordPress and WordPress WP_DEBUG constant to get through potential problems and bugs their code might have. But, for regular users, using debug mode can be very confusing and cause more problems than it can help solve.
plugins relase corsecurity 1 9

coreSecurity Pro 1.9

coreSecurity Pro 1.9 brings several very important bug fixes (related to the file scanner), several new features related to antispam control, user session management, improvements to the file scanner, and more.

Leave a Comment

Grammarly - Number 1 Writing App
GeneratePress - The perfect lightweight theme for your next project