29 lines
796 B
PHP
29 lines
796 B
PHP
<?php
|
|
/*
|
|
Plugin Name: Security Headers
|
|
Plugin URI: https://www.medicalalert.com
|
|
Description: Add security headers
|
|
Author: Connect America
|
|
Version: 0.1
|
|
Author URI: https://www.medicalalert.com
|
|
*/
|
|
|
|
add_action('send_headers', function(){
|
|
// Upgrade HTTP requests to secure HTTPS
|
|
header("Content-Security-Policy: upgrade-insecure-requests;");
|
|
// Enforce the use of HTTPS
|
|
header("Strict-Transport-Security: max-age=31536000; includeSubDomains");
|
|
// Prevent Clickjacking
|
|
header("X-Frame-Options: SAMEORIGIN");
|
|
// Block Access If XSS Attack Is Suspected
|
|
header("X-XSS-Protection: 1; mode=block");
|
|
// Prevent MIME-Type Sniffing
|
|
header("X-Content-Type-Options: nosniff");
|
|
// Referrer Policy
|
|
header("Referrer-Policy: no-referrer-when-downgrade");
|
|
}, 1);
|
|
|
|
|
|
|
|
|