The new plugin release is focues on the security headers improvements, especially Content Security Policy and Feature Policy, including new rules and options, several improvements and few fixes.

Content Security Policy (CSP) is now easier to configure with the option to specify the list of CDN’s you use on your website (usually, it is just one, but you never know). If you specify one or more CDN’s, the plugin will automatically add required rules for JS, CSS, Images, and Fonts based on the list of CDN’s. And, CSP has new predefined rules for WordPress.org. The settings page for CSP has been also updated.

Few updates to CSP rules page

As for the Features Policy, this one has been expanded with more rules (most experimental, not supported by every browser), and the whole policy has been changed to the Permissions Policy header, with slightly different format. So, the plugin allows you to add both versions of the policy or just one of them. Again, this is supported in different ways by different browsers, so expect warnings by some browsers in some cases (not a big issue).

There are few fixes related to the building of headers, and few updates to included information about some of the rules and policies.

To see the list of all the changes in this version, please check out the changelog. If you find any issues with the new version, please, report them in the support forums.

Please wait...

About the author

MillaN
MillaN
Dev4Press owner and lead developer

Programmer since the age of 12 and WordPress developer since 2008 as freelancer and author of more than 200 plugins and more than 20 themes.

Learn More

GD Security Toolbox Pro
A collection of many security related tools for .htaccess hardening with security events log, ReCaptcha, firewall, and tweaks collection, login and registration control and more.
SiteGround - Managed WordPress Hosting

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to the Newsletter

To get all the latest news and promotions.

Subscribe We will not send you any spam. Newsletters are sent once or twice every month.