Best all-in-one WordPress security plugin, uses HTTP & HSTS response headers to avoid vulnerabilities: XSS, injection, clickjacking. Force HTTP/HTTPS.
Plugin for configuring Content Security Policy headers for your site. Allows different CSP headers for admin, logged inn frontend and regular visitors
Configure various security-related HTTP headers, including CSP, XSS, Referrer Policy and more.
Block XSS vulnerabilities by adding a Content Security Policy header, plugin receives violations to easily maintain the security policy.
Add a nonce to each script and style tags, sha256 hashes to inline events, and set them in CSP header.
No unsafe-inline helps you to build a Content Security Policy avoiding to use 'unsafe-inline' and 'unsafe-hashes'.