Blog Post

New Free Plugin: GD Security Headers

GD Security Headers is a brand new plugin available for free on that will help you setup HTTP security headers and receive reports when CSP and XXS Protection directives have been violated.

The plugin includes settings to configure various HTTP security related headers that can help protect the website and the website users from various types of cross site scripting attacks, manipulation of data and external files loaded by the website.

GD Security Headers: Dashboard with the headers and reports overview

All HTTP headers generated by the plugin can be added to each page generated by WordPress and it works with any web server, or, if you use Apache web server, all headers can be saved to HTACCESS file. The plugin currently supports following HTTP headers:

  • Content Security Policy (CSP) – editor for CSP rules, with automatic rules set up for popular Google services (Fonts, Adsense, Maps, Translations, Analytics) and the ability to log in reports from browsers when the policy has been violated
  • XSS Protection (XXP) – with the ability to log in reports from browsers when the policy has been violated
  • Content-Type – No Sniff Policy
  • Strict Transport Security
  • Referrer Policy
  • Frame Options
Example of headers added to .HTACCESS file

And, more security related headers will be added in the future versions. Plugin is available for free on, so check it out:

Let me know what you think about the new plugin, and if you have any questions or suggestions.

Please wait...
GD Security Headers
An easy way to add HTTP security headers

Configure various security related HTTP headers, including Content Security Policy, Referrer Policy and more. All headers can be added to .HTACCESS file.

About the author

Milan Petrovic
Milan Petrovic

CEO and Lead developer of Dev4Press Web Development company, working with WordPress since 2008, first as a freelancer, later founding own development company. Author of more than 250 plugins and more than 20 themes.

Subscribe to Dev4Press Newsletter

Get the latest announcements, release digests, promotions and exclusive discounts, and general Dev4Press-related news straight into your mailbox.

This form collects your email (optionally your name) for the purpose of sending you newsletters. Check out our Privacy Policy for more information on how we store and manage your data. We will not send you any spam. Newsletters are sent 2 to 4 times every month.

Leave a Comment

Grammarly - Number 1 Writing App
SiteGround - Managed WordPress Hosting