Blog Post

New Free Plugin: GD Security Headers

GD Security Headers is a brand new plugin available for free on that will help you setup HTTP security headers and receive reports when CSP and XXS Protection directives have been violated.

The plugin includes settings to configure various HTTP security related headers that can help protect the website and the website users from various types of cross site scripting attacks, manipulation of data and external files loaded by the website.

GD Security Headers: Dashboard with the headers and reports overview

All HTTP headers generated by the plugin can be added to each page generated by WordPress and it works with any web server, or, if you use Apache web server, all headers can be saved to HTACCESS file. The plugin currently supports following HTTP headers:

  • Content Security Policy (CSP) – editor for CSP rules, with automatic rules set up for popular Google services (Fonts, Adsense, Maps, Translations, Analytics) and the ability to log in reports from browsers when the policy has been violated
  • XSS Protection (XXP) – with the ability to log in reports from browsers when the policy has been violated
  • Content-Type – No Sniff Policy
  • Strict Transport Security
  • Referrer Policy
  • Frame Options
Example of headers added to .HTACCESS file

And, more security related headers will be added in the future versions. Plugin is available for free on, so check it out:

Let me know what you think about the new plugin, and if you have any questions or suggestions.

Please wait...
GD Security Headers
An easy way to add HTTP security headers

Configure various security related HTTP headers, including Content Security Policy, Referrer Policy and more. All headers can be added to .HTACCESS file.

About the author

Milan Petrovic
Milan Petrovic

Programmer since the age of 12 and WordPress developer since 2008 as freelancer and author of more than 200 plugins and more than 20 themes.

The Newsletter

Leave a Comment

GeneratePress - The perfect lightweight theme for your next project
SiteGround - Managed WordPress Hosting