=== Plugin Name ===
Contributors: carlconrad
Tags: security, http headers, hsts, https
Requires at least: 4.6
Tested up to: 4.7
Stable tag: 1.3
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Plugin to add HTTP header improved security

== Description ==

This plug-in helps setting up the various header instructions included in the HTTP protocol allowing simple improvement of your website security. As usual, make sure to understand the meaning of these options and to run full tests on your web site as some options may result in some features stop working.

This plug-in provides security enhancement by enabling follow measures:

* HSTS (Strict-Transport-Security)
* Clickjacking mitigation (X-Frame-Options in main site)
* XSS protection (X-XSS-Protection)
* Disabling content sniffing (X-Content-Type-Options)

== Installation ==

1. Upload the plugin files to the `/wp-content/plugins/http-security` directory, or install the plugin through the WordPress plugins screen directly.
1. Activate the plugin through the 'Plugins' screen in WordPress.
1. Use the Settings->HTTP Security screen to configure the plugin.

== Frequently Asked Questions ==

= How can I test the plug-in runs effectively? =

Check the HTTP headers of your web site.

== Screenshots ==

1. Main and only screen.

== Changelog ==

= 1.3 =
* Added X-Frame-Options protection.
* Added X-Content-Type-Options protection.
* Added HSTS options.

= 1.2 =
* Repository fix.

= 1.1 =
* Added XSS protection option.

= 1.0 =
* First stable version providing basic HSTS support.

== Upgrade Notice ==

= 1.0 =
First stable version.