Title: Fix It Easy Security Headers Author: WP Fix It - WordPress Experts Published: 2025(e)ko abuztuaren 24(a) Last modified: 2025(e)ko abuztuaren 24(a) --- Bilatu pluginak ![](https://ps.w.org/fix-it-easy-security-headers/assets/banner-772x250.png?rev= 3349315) ![](https://ps.w.org/fix-it-easy-security-headers/assets/icon-256x256.gif?rev=3349315) # Fix It Easy Security Headers [WP Fix It – WordPress Experts](https://profiles.wordpress.org/wpfixit/)-(r)en eskutik [Deskargatu](https://downloads.wordpress.org/plugin/fix-it-easy-security-headers.1.1.zip) * [Xehetasunak](https://eu.wordpress.org/plugins/fix-it-easy-security-headers/#description) * [Berrikuspenak](https://eu.wordpress.org/plugins/fix-it-easy-security-headers/#reviews) * [Instalazioa](https://eu.wordpress.org/plugins/fix-it-easy-security-headers/#installation) * [Garapena](https://eu.wordpress.org/plugins/fix-it-easy-security-headers/#developers) [Laguntza](https://wordpress.org/support/plugin/fix-it-easy-security-headers/) ## Deskripzioa **WP Fix It Easy Security Headers** adds a simple page under **Tools Security Headers** where you can toggle common HTTP security headers: * **Strict-Transport-Security (HSTS)** * **Content-Security-Policy (CSP)** * **X-Frame-Options** * **X-Content-Type-Options** * **Referrer-Policy** * **Permissions-Policy** On activation, all headers are **enabled by default** and you’re redirected to the settings screen. For convenience, the page and the Plugins screen include a **“Check Headers”** button that opens SecurityHeaders.com with your site’s URL prefilled (built dynamically from `home_url()`). ### Notes on CSP This plugin ships with a **permissive** default CSP intended to “work everywhere” out of the box (allows most external sources and inline code). For stronger protection, you should harden the directives for your specific site. ### Key Features * One-click toggles for popular headers * Dynamic “Check Headers” scan link * Uses the WordPress Settings API (nonce + capability checks) * Output escaping and sanitization following PHPCS ## Pantaila-argazkiak * [[ * Settings screen with header toggles and “Check Headers” button. ## Instalazioa 1. Upload the plugin folder to `/wp-content/plugins/fix-it-easy-security-headers/` or install via Plugins Add New. 2. Activate the plugin. 3. You’ll be redirected to **Tools Security Headers**. Review and adjust toggles as needed. 4. (Optional) Click **Check Headers** to verify your headers on SecurityHeaders.com. ## MEG ### Where do I manage the settings? Go to **Tools Security Headers**. ### What happens on activation? All header options are enabled and you’re redirected once to the settings page. ### Will this break my site? Most headers are safe defaults. The provided CSP is intentionally permissive; it shouldn’t block assets. For strict CSPs, tailor directives to your stack and test. ### Can I use this on multisite? Yes. The “Check Headers” URL is derived from `home_url()`. Activation redirect is skipped for network/bulk activations. ### Why don’t I see a “Settings saved” notice twice? The page prints only this plugin’s scoped settings messages to avoid duplicate notices. ### Can I customize the CSP? Yes. You can modify the `$csp` string in `security_headers_add_headers()` to fit your site’s needs. ## Berrikuspenak Ez dago berrikuspenik plugin honentzat. ## Laguntzaileak eta Garatzaileak “Fix It Easy Security Headers” software librea da. Ondoko pertsonek egin dizkiote ekarpenak plugin honi. Laguntzaileak * [ WP Fix It – WordPress Experts ](https://profiles.wordpress.org/wpfixit/) [Itzul zaitez Fix It Easy Security Headers zure hizkuntzara.](https://translate.wordpress.org/projects/wp-plugins/fix-it-easy-security-headers) ### Garapena interesatzen zaizu? [Araka kodea](https://plugins.trac.wordpress.org/browser/fix-it-easy-security-headers/), begiratu [SVN biltegia](https://plugins.svn.wordpress.org/fix-it-easy-security-headers/) edo harpidetu [garapen erregistrora](https://plugins.trac.wordpress.org/log/fix-it-easy-security-headers/) [RSS](https://plugins.trac.wordpress.org/log/fix-it-easy-security-headers/?limit=100&mode=stop_on_copy&format=rss) bidez. ## Aldaketen loga #### 1.1 * Initial release. * Header toggles for HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer- Policy, Permissions-Policy. * Activation enables all options and redirects to settings. * Dynamic SecurityHeaders.com scan link. ## Meta * Version **1.1** * Azken eguneraketa **duela 8 hilabete** * Instalazio aktiboak **10+** * WordPress bertsioa ** 5.8 edo handiagoa ** * **6.8.5** (e)raino probatuta. * PHP bertsioa ** 7.4 edo handiagoa ** * Language * [English (US)](https://wordpress.org/plugins/fix-it-easy-security-headers/) * Etiketak * [csp](https://eu.wordpress.org/plugins/tags/csp/)[headers](https://eu.wordpress.org/plugins/tags/headers/) [hsts](https://eu.wordpress.org/plugins/tags/hsts/)[security](https://eu.wordpress.org/plugins/tags/security/) * [Ikuspegi aurreratua](https://eu.wordpress.org/plugins/fix-it-easy-security-headers/advanced/) ## Balorazioak No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/fix-it-easy-security-headers/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/fix-it-easy-security-headers/reviews/) ## Laguntzaileak * [ WP Fix It – WordPress Experts ](https://profiles.wordpress.org/wpfixit/) ## Laguntza Zerbait duzu esateko? Laguntza behar? [Ikusi laguntza foroa](https://wordpress.org/support/plugin/fix-it-easy-security-headers/) ## Egizu eskaintza Plugin honen aurrerabidearen euskarri izan nahi duzu? [ Egiozu eskaintza plugin honi ](https://www.wpfixit.com)