Security Header Generator

Description

How do I automatically generate a Content Security Policy using your plugin?

Login to shell for your site, change directory to your websites root folder, and run wp csp generate. Have some patience because it can take some time to run. Please make sure to run it a few times, I cannot guarantee that it will get everything, but, in my tests on my own sites it did.

Screenshots

  • Standard Header Settings
  • Content Security Policy Settings
  • Permissions Settings
  • Implementation
  • Documentation
  • Import/Export Settings
  • Headers Set

Blocks

This plugin provides 1 block.

  • kpf-gutenberg-block/block-

Reviews

There are no reviews for this plugin.

Contributors and Developers

“Security Header Generator” is open source software. The following people have contributed to this plugin.

Contributors

Change Log

2.0.36

  • Tweak admin permissions
    • found an issue where a subsite admin could not administer
      the settings if the super-admin disabled Plugins in settings

2.0.08

  • Convert all major comments to phpdoc
  • Fix OR DIE on direct file access
  • Removed double PHP version check (whoops!)
  • move the plugins stylesheet
  • Core 5.8.1 Compliance

1.9.51

  • Update: Rewrite Field Framework

1.9.47

  • Update: Field Framework

1.9.44

  • fixed minor issue setting FLoC header

1.9.43

  • Removed sticky header for settings
    • it was not working properly in all browsers anyways
  • Implemented Permissions-Policy header
    • See Here for more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
  • Organize header settings into separate tabs
  • Fixed issue where setting would automatically collapse
  • Re-implement uninstall

1.9.27

  • WordPress Core 5.8 compliance
    • Tested
  • feature re-implement WP CLI functionality
    • Attempts to spider the site gathering up only external resources like imagery, stylesheets, scripts, fonts, frames, etc…
    • Creates a custom post type to hold the output of the parsed external resources
    • Adds the domains only to the Content-Security-Policy header

1.9.23

  • Fix issue where admin menu would not show for some
  • Force PHP 7.3 minimum on actviation

1.9.18

  • Publishing
    • slight issue in readme was preventing updating to 1.9.17

1.9.17

  • Remove the remote header checks implemented in v1.9.11
  • Update Documentation

1.9.11

  • New class to attempt server-side header Implementation
  • If server-side headers do exist, show a note in Settings
  • Attempt to override existing headers
    • only headers set by plugin
  • Cache the above check for 1 day
  • Temprorarily remove the CLI functionality

1.8.23

  • Update settings framework
  • Updated minimum PHP requirement to PHP 7.3

1.8.14

  • Update for WP Core 5.7.2
  • Update methods to force output type

1.8.11

  • implement FLoC decline setting and headers

1.7.03

  • full field framework update

1.7.02

  • field framework update
  • little styling tweak for it

1.6.10

  • fix path issue

1.6.09

  • replace field framework
    • big thanks to Codestar: https://codecanyon.net/user/codestar
  • rebuild the settings and retrieval
  • rework admin sending of headers
  • clear cache on settings save

1.5.22

  • update field framework
  • 5.7 compliance
  • check for existing functionality

1.4.11

  • fix uninstall to remove all options, including for multisite

1.4.09

  • Implement true autoloader
    • rename class files accordingly
  • Implement true autoloader for CLI
    • rename class files accordingly

1.3.13

  • First public release