Headers Security Advanced & HSTS WP
Best all-in-one WordPress security plugin, uses HTTP & HSTS response headers to avoid vulnerabilities: XSS, injection, clickjacking. Force HTTP/HTTPS.
4.9(77 reviews)
·90K+ active installs·Updated 2 weeks agoAs of April 2026, Headers Security Advanced & HSTS WP is a WordPress csp plugin with 90K+ active installations and a 4.9/5 rating from 77 reviews. It has been downloaded 1.4M+ times in total. Requires WordPress 4.7+ and PHP 7.4+. Available on WordPress.org since 2021. Actively maintained — updated within the last month. Downloads are down 35% this week. Support resolution rate: 0%. Top alternative: Content Security Policy Manager.
4.9/577 reviews
90K+active installs
0%resolved
5 yearssince 2021
Overview
Headers Security Advanced & HSTS WP is Best all-in-one a free plug-in for all WordPress users. Deactivating this plugin will return your site configuration exactly to the state it was in before.
The Headers Security Advanced & HSTS WP project implements HTTP response headers that your site can use to increase the security of your website. The plug-in will automatically set up all Best Practices (you don’t have to think about anything), these HTTP response headers can prevent modern browsers from running into easily predictable vulnerabilities. The Headers Security Advanced & HSTS WP project wants to popularize and increase awareness and usage of these headers for all wordpress users.
This plugin is developed by OpenHeaders by irn3, we care about WordPress security and be…
Screenshots
Ratings & Reviews
4.977 reviews
5 ★
72
4 ★
3
3 ★
1
2 ★
1
1 ★
0
Recent Reviews
Fantastic!
by Ben·2 months ago
Fantastic Plugin!
Awesome
by ElsBer·4 months ago
I already loved the plugin!
But the help I received from Andrea Ferro when a problem arose was also fantastic.
Fantastic!
Thanks
Great plugin and support
by Fantou·4 months ago
A very usefull and efficient plugin which bring important security to websites by just installing it !
I have some questions and the support was very friendly and quick to answer.
Thanks for your great plugin and your kindness !
Great plugin and even better developer!
by boxhamster·4 months ago
5 stars for this plugin. It’s well done and Andrea is super helpful and fast with questions! Highly recommended. Thank you.
Great plugin, a must have
by pikapower·4 months ago
I was tired of changing htaccess every time and still didn’t get a good score for my security header. At last I found this plugin and it works great! Also the support from Andrea is phenomenal!
Thanks for your help and this plugin!
Download Trends
Today: 727Yesterday: 953This week: 6KPeriod total: 567K
Compatibility
| WordPress | 4.7+ requiredTested up to 6.9.4 |
| PHP | 7.4+ required |
Version Adoption
v5.3
47.0%
v5.2
29.6%
v5.0
22.9%
Other
0.6%
Top Alternatives to Headers Security Advanced & HSTS WP
Frequently Asked Questions
Changelog
5.3.2
This update introduces Shield — optional advanced tools for professionals who need deeper security monitoring. Every existing feature remains completely free, forever.
- New: Shield tab-based interface (Settings, Dashboard, CSP, Notifications, Export/Import, License, Free vs Shield, FAQ)
- New: Security Advisor with personalized recommendations
- New: Security Score Dashboard (A+ to F grading, 10 header status overview)
- New: CSP Guide with recommended tools (Csper.io, Google CSP Evaluator, Report URI, URIports)
- New: CSP violation analytics (top blocked domains, directives, trends)
…and 7 more changes
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.