Is HeaderShield free?

Yes, HeaderShield is free to use. It is available as a free plugin on WordPress.org.

How many websites use HeaderShield?

HeaderShield has 0 active installations as tracked by WordPress.org.

What are the best HeaderShield alternatives?

Popular alternatives to HeaderShield include Headers Security Advanced & HSTS WP, Content Security Policy Manager, GD Security Headers. You can compare them side-by-side on our comparison pages.

Does HeaderShield work with the latest WordPress?

HeaderShield has been tested up to WordPress 6.9.4. It requires WordPress 5.0+ and PHP 7.4+.

PluginSift

HeaderShield

Name: HeaderShield
Author: Vishwa

Add safe, modern HTTP security headers with optional strict cross-origin protections and a simple admin UI.

By Vishwa·Csp·Free

·0 active installs·Updated 2 weeks ago

Download Compare

As of April 2026, HeaderShield is a WordPress csp plugin with 0 active installations and a 0/5 rating0. It has been downloaded 84 times in total. Requires WordPress 5.0+ and PHP 7.4+. Available on WordPress.org since 2026. Actively maintained — updated within the last month. Top alternative: Headers Security Advanced & HSTS WP.

0/5Rating

0active installs

84total downloads

1 monthsince 2026

Overview

HeaderShield adds a conservative set of security headers that improve browser protection without breaking most sites. It also provides optional strict cross-origin protections for sites that are ready for them.

Default headers include:

X-Frame-Options
X-Content-Type-Options
X-XSS-Protection (legacy)
Referrer-Policy
Permissions-Policy
Content-Security-Policy (upgrade-insecure-requests)
Strict-Transport-Security (HTTPS only)

Strict Mode can additionally enable COEP, COOP, and CORP for stronger isolation, but may break third‑party scripts or embeds. Use with care and test on staging first.

Source code for third-party assets

The admin UI uses SlimSelect for the multi-select dropdown. Human-readable source is included in the plugin:

JavaScript: assets/js/slimselect.js (minified build: asset…

Read full description on WordPress.org

Ratings & Reviews

00 reviews

5 ★

4 ★

3 ★

2 ★

1 ★

Compatibility

WordPress	5.0+ requiredTested up to 6.9.4
PHP	7.4+ required

Top Alternatives to HeaderShield

Headers Security Advanced & HSTS WP

4.990K+ installsUpdated 2 weeks ago

View Compare

Content Security Policy Manager

4.32.0K+ installsUpdated 3 years ago

View Compare

GD Security Headers

41.0K+ installsUpdated 1 year ago

View Compare

Auto SRI

0300 installsUpdated 3 months ago

View Compare

CSP Friendly Security

3.5200 installsUpdated 3 months ago

View Compare

View all csp plugins →

Frequently Asked Questions

Changelog

1.0.14

Initial public release.

View full changelog on WordPress.org

Contributors

Vishwa

vishvega

Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.

HeaderShield

Add safe, modern HTTP security headers with optional strict cross-origin protections and a simple admin UI.

By Vishwa·Csp·Free

·0 active installs·Updated 2 weeks ago

Download Compare

0/5Rating

0active installs

84total downloads

1 monthsince 2026

Overview

Default headers include:

X-Frame-Options
X-Content-Type-Options
X-XSS-Protection (legacy)
Referrer-Policy
Permissions-Policy
Content-Security-Policy (upgrade-insecure-requests)
Strict-Transport-Security (HTTPS only)

Strict Mode can additionally enable COEP, COOP, and CORP for stronger isolation, but may break third‑party scripts or embeds. Use with care and test on staging first.