GD Security Headers is a brand new plugin available for free on WordPress.org that will help you set up HTTP security headers and receive reports when CSP and XXS Protection directives have been violated.
Content Security Policy (or CSP) is very complex and powerful security-related HTTP header, that might be complex to implement, but essential in limiting what browser is allowed to load when browsing your website.
Referrer Policy is a new HTTP header drafted in 2015, implemented last year. This header controlsĀ referrer header value browser sends when the user is navigating away from your website pages.
Response to each request made to the server from the client side (browser) returns the content and the special block with HTTP response headers containing various information about the content.