=== Security Header Optimization === Contributors: o10n Donate link: https://github.com/o10n-x/ Tags: csp, security, http headers, optimization, content security policy, xss, access control, headers, php headers Requires at least: 4.0 Requires PHP: 5.4 Tested up to: 4.9.4 Stable tag: 0.0.13 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html Advanced security header optimization toolkit. Content-Security-Policy, Strict Transport Security (HSTS), Public-Key-Pins (HPKP), X-XSS-Protection and CORS. == Description == This plugin is a toolkit for HTTP Security Header optimization. The plugin provides in a complete solution for Content Security Policy Management with support for Reporting API and legacy policy conversion based on browser sniffing. The plugin supports most security headers, including Strict Transport Security (HSTS), Public-Key-Pins (HPKP), X-XSS-Protection and all Cross-Origin Resource Sharing (CORS) related headers (Access-Control-Allow-Origin). Additional features can be requested on the [Github forum](https://github.com/o10n-x/wordpress-security-header-optimization/issues). **This plugin is a beta release.** Documentation is available on [Github](https://github.com/o10n-x/wordpress-security-header-optimization/tree/master/docs). == Installation == ### WordPress plugin installation 1. Upload the `security-header-optimization/` directory to the `/wp-content/plugins/` directory. 2. Activate the plugin through the 'Plugins' menu in WordPress. 3. Navigate to the plugin settings page. 4. Configure Security Header Optimization settings. Documentation is available on [Github](https://github.com/o10n-x/wordpress-security-header-optimization/tree/master/docs). == Screenshots == == Changelog == = 0.0.13 = Core update (see changelog.txt) = 0.0.11 = * Bugfix: `X-XSS-Protection: 1; mode=block` header (@brant-kelsey) = 0.0.10 = * Bugfix: uninstaller. = 0.0.9 = Bugfix: settings link on plugin index. = 0.0.8 = Core update (see changelog.txt) = 0.0.2 = Bugfix: error after activating plugin. = 0.0.1 = Beta release. Please provide feedback on [Github forum](https://github.com/o10n-x/wordpress-security-header-optimization/issues). == Upgrade Notice == None.