Security Headers
Security headers are directives used by web applications to configure browser-side security defenses.
3(2 reviews)
·700 active installs·Updated 1 week agoAs of April 2026, Security Headers is a WordPress Security Headers plugin with 700 active installations and a 3/5 rating from 2 reviews. It has been downloaded 4.8K+ times in total. Requires WordPress 6.0+ and PHP 7.4+. Available on WordPress.org since 2022. Actively maintained — updated within the last month. Top alternative: HTTP Headers.
3/52 reviews
700active installs
4.8K+total downloads
4 yearssince 2022
Overview
Security Headers helps site owners manage modern browser security headers from inside WordPress.
Features include:
- Admin settings page under Settings > Security Headers
- HSTS controls with preload warning
- Referrer-Policy and X-Frame-Options settings
- Permissions-Policy custom value field
- Content-Security-Policy builder with Report-Only mode
- Diagnostics screen showing configured headers
- Test tool to fetch and inspect your live response headers
- Import, export, and reset settings tools
- Cleanup on uninstall
Why security headers important?
When auditing websites, security headers are frequently forgotten.
Although some may argue that website security is unrelated to SEO, it does become so when a site is compromised and search traffic completely disappears.
Everyone who publishes content onl…
Ratings & Reviews
32 reviews
5 ★
1
4 ★
0
3 ★
0
2 ★
0
1 ★
1
Compatibility
| WordPress | 6.0+ requiredTested up to 6.9.4 |
| PHP | 7.4+ required |
Top Alternatives to Security Headers
Frequently Asked Questions
Changelog
1.3.0
- Added diagnostics and live header testing tools in wp-admin.
- Added import, export, and reset tools for plugin settings.
- Added a configurable Content-Security-Policy builder with Report-Only support.
- Added uninstall cleanup for stored plugin options.
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.