Best all-in-one WordPress security plugin, uses HTTP & HSTS response headers to avoid vulnerabilities: XSS, injection, clickjacking. Force HTTP/HTTPS.
Protect Your WordPress Site From Clickjacking Attacks by Adding the X-Frame-Options Header and Owasp's Legacy Browser Frame Breaking Script.
