
外掛標籤
開發者團隊
原文外掛簡介
Security Headers Audit empowers WordPress site owners to fortify their browser-side security through modern HTTP security headers and robust, comprehensive auditing tools.
The plugin provides a professional, easy-to-use interface for configuring recommended security headers, seamlessly monitoring Content Security Policy (CSP) violations, recording browser console errors, and tracking security-related configuration changes within WordPress.
By proactively implementing industry-standard browser security protections, Security Headers Audit helps drastically reduce exposure to common web vulnerabilities such as Cross-Site Scripting (XSS), clickjacking, MIME-type sniffing attacks, and unsafe cross-origin interactions.
Key Features
Centralized Dashboard: Configure HTTP Security Headers effortlessly.
CSP Management: Complete Content Security Policy builder and manager.
HSTS Support: Enforce Strict-Transport-Security (HSTS) for SSL protection.
Clickjacking Protection: X-Frame-Options to prevent unauthorized iframe embedding.
MIME Sniffing Prevention: X-Content-Type-Options support.
Privacy Controls: Comprehensive Referrer-Policy management.
Feature Policies: Permissions-Policy configuration for browser hardware and feature control.
Cross-Origin Protections: Full support for COOP, COEP, and CORP policies.
Violation Monitoring: Detailed CSP violation logging and reporting.
Frontend Error Collection: Log JavaScript browser console errors experienced by real users.
Audit Trail: Track all security configuration changes made by administrators.
Portability: Import and export settings securely.
Clean Uninstall: Complete database cleanup support upon uninstallation.
Supported Security Headers
Content-Security-Policy (CSP)
Strict-Transport-Security (HSTS)
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy
Cross-Origin-Opener-Policy (COOP)
Cross-Origin-Embedder-Policy (COEP)
Cross-Origin-Resource-Policy (CORP)
