If you run a WordPress website, you can increase its security by implementing proper security headers. These HTTP headers pass additional information between the client and the server. Using them, you can add another layer of security to your website to prevent and mitigate attacks. In this tutorial we will see how to add HTTP headers to your WordPress website using the HTTP Headers WordPress plugin. You don’t need to add or change any of your website’s code.
Important HTTP Security Headers For WordPress
HTTP Strict Transport Security (HSTS)
X-Frame-Options
X-XSS-Protection
X-Content-Type-Options
Content-Security-Policy (CSP)
HTTP Headers for WordPress Security Plugin
HTTP Headers is a free WordPress security plugin for controlling your website's HTTP headers. Using this plugin you can prevent some XSS, MITM and clickjacking attacks on your WordPress website. Currently it supports more than 34 HTTP headers. For the complete list of supported HTTP headers, go to the plugin homepage below.
How to install HTTP Headers WordPress Plugin on your website:
Log in to your WordPress admin dashboard (wp-admin/login).
In your WordPress admin dashboard, click Plugins and select Add New.
Type HTTP Headers in the search field and press the Enter key.
Click the Install Now button for the HTTP Headers WordPress plugin by Dimitar Ivanov.
After the installation succeeds, click the Activate Plugin link to activate HTTP Headers.
You can also download the plugin from the download link below and install it manually.
Add HTTP Security Headers in WordPress
After installing and activating the HTTP Headers plugin, go to Settings in the left-side menu of your WordPress dashboard and select HTTP Headers.
The plugin divides the HTTP headers into six sections: Security, Access Control, Authentication, Compression, Caching and Others. If you want to add the security-related headers, click the Security button.
Using the Edit link you can set each HTTP security header individually. For example, if you want to set X-Frame-Options, click the X-Frame-Options Edit link, select the On radio button and choose an option from the drop-down box on the right. Here I am using the SAMEORIGIN option. Hit the Save Changes button. That’s it.
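To confirm that the settings saved in the plugin actually reach the browser, check the response headers your site sends. The following is an added example, not part of the plugin or of the original tutorial: it audits a captured header block for the five headers listed above. The sample response, the function names and the 180-day HSTS minimum are assumptions made for illustration.

```python
import re

# Constructed sample: response headers as captured with `curl -sI https://example.com/`
# on a site where only X-Frame-Options and a short HSTS max-age are configured.
SAMPLE_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300
"""

MIN_HSTS_AGE = 15552000  # assumed policy threshold: 180 days, in seconds


def parse_headers(raw):
    """Return {lower-case name: value} from a raw header block."""
    headers = {}
    for line in raw.splitlines()[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def audit_headers(raw):
    """Return a sorted list of findings for the five headers in this tutorial."""
    h = parse_headers(raw)
    findings = []
    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append("Strict-Transport-Security: missing")
    else:
        m = re.search(r'max-age\s*=\s*"?(\d+)', hsts, re.I)
        if not m or int(m.group(1)) < MIN_HSTS_AGE:
            findings.append("Strict-Transport-Security: max-age too short")
    xfo = h.get("x-frame-options")
    if xfo is None:
        findings.append("X-Frame-Options: missing")
    elif xfo.upper() not in ("DENY", "SAMEORIGIN"):
        findings.append("X-Frame-Options: unexpected value")
    xcto = h.get("x-content-type-options")
    if xcto is None:
        findings.append("X-Content-Type-Options: missing")
    elif xcto.lower() != "nosniff":
        findings.append("X-Content-Type-Options: unexpected value")
    for name in ("X-XSS-Protection", "Content-Security-Policy"):
        if name.lower() not in h:
            findings.append(name + ": missing")
    return sorted(findings)
```

Calling audit_headers(SAMPLE_RESPONSE) returns one finding per header that is absent or weaker than expected; an empty list means all five headers are present with acceptable values.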