=== Abdal Security Headers === Contributors: profshafiei Donate link: https://ebrasha.com/abdal-donation Tags: security, security-headers, x-frame-options, content-security-policy, hsts Requires at least: 5.0 Tested up to: 6.7.2 Stable tag: 5.1.3 Requires PHP: 7.2 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html Enhance WordPress security with essential HTTP security headers, protecting against XSS, clickjacking, and other common web vulnerabilities. == Description == Abdal Security Headers is a powerful WordPress plugin that enhances your website's security through HTTP security headers. It provides an easy-to-use interface for managing security policies and protecting against common web vulnerabilities. **Key Features:** * Modern UI with iOS-style switches * Real-time CSP Header Preview * Automatic security header configuration * Protection against XSS attacks * Prevention of clickjacking attempts * MIME-type sniffing protection * Strict HTTPS enforcement * Full RTL support * Mobile-responsive interface **Security Headers Managed:** * X-Frame-Options * X-XSS-Protection * X-Content-Type-Options * Strict-Transport-Security (HSTS) * Content-Security-Policy (CSP) * Referrer-Policy * Feature-Policy * Access-Control-Allow-Origin == Installation == 1. Upload the plugin files to `/wp-content/plugins/abdal-security-headers` 2. Activate the plugin through the WordPress plugins screen 3. Navigate to Settings > Security Headers to configure == Frequently Asked Questions == = Is this plugin compatible with caching plugins? = Yes, works with all major caching plugins. = Will this break my website? = No, the default settings are safe for most websites. = Do I need technical knowledge? = No, the interface is user-friendly with helpful tooltips. == Screenshots == 1. Plugin Settings Interface - Main settings page with iOS-style switches 2. CSP Header Configuration - Content Security Policy configuration panel 3. Security Headers Overview - Overview of all active security headers 4. Mobile View - Responsive interface on mobile devices == Changelog == = 5.1.3 = * Fixed CSP preview formatting issues * Resolved RTL/LTR conflicts in the interface * Fixed header removal functionality * Improved compatibility with various WordPress themes = 5.1.2 = * Fixed UI/UX issues = 5.1.1 = * Fixed UI/UX issues * Improved mobile responsiveness * Enhanced RTL support = 5.1.0 = * Complete UI/UX redesign * Added real-time CSP preview * Added iOS-style switches * Added full RTL support * Improved performance * Updated security headers implementation = 2.0.0 = * Updated security headers implementation * Enhanced documentation = 1.2.0 = * Fixed Content-Security-Policy issue * Removed widget functionality = 1.1.0 = * Fixed OOP implementation * Added widget support = 1.0 = * Initial release * Basic security headers implementation == Upgrade Notice == = 5.1.3 = Critical update: Fixes important CSP preview formatting and header removal issues. Resolves RTL/LTR interface conflicts and improves WordPress theme compatibility. All users should upgrade immediately for better functionality and stability. = 5.1.2 = This version includes important UI fixes and improved mobile support. Update recommended for all users. = 5.1.1 = This version includes important UI fixes and improved mobile support. Update recommended for all users. = 5.1.0 = Major update with new interface and enhanced security features. Backup your settings before updating. == Languages == This plugin is available in the following languages: - English (en_US) - Persian (fa_IR) == License == This plugin is released under the **GPLv2 or later** License. License details: [http://www.gnu.org/licenses/gpl-2.0.html](http://www.gnu.org/licenses/gpl-2.0.html)