Title: HeaderShield
Author: Vishwa
Published: <strong>20 Maarso, 2026</strong>
Last modified: 20 Maarso, 2026

---

Raadi kaabayaal

![](https://ps.w.org/headershield/assets/banner-772x250.png?rev=3487110)

![](https://ps.w.org/headershield/assets/icon.svg?rev=3487110)

# HeaderShield

 Qore [Vishwa](https://profiles.wordpress.org/sbvi1122/)

[Soo Rog](https://downloads.wordpress.org/plugin/headershield.1.0.14.zip)

[Live Preview](https://so.wordpress.org/plugins/headershield/?preview=1)

 * [Faahfaahin](https://so.wordpress.org/plugins/headershield/#description)
 * [Dibu-eegisyo](https://so.wordpress.org/plugins/headershield/#reviews)
 *  [Rakibaad](https://so.wordpress.org/plugins/headershield/#installation)
 * [Horumarinta](https://so.wordpress.org/plugins/headershield/#developers)

 [Taageero](https://wordpress.org/support/plugin/headershield/)

## Sharraxaad

HeaderShield adds a conservative set of security headers that improve browser protection
without breaking most sites. It also provides optional strict cross-origin protections
for sites that are ready for them.

Default headers include:

 * X-Frame-Options
 * X-Content-Type-Options
 * X-XSS-Protection (legacy)
 * Referrer-Policy
 * Permissions-Policy
 * Content-Security-Policy (upgrade-insecure-requests)
 * Strict-Transport-Security (HTTPS only)

Strict Mode can additionally enable COEP, COOP, and CORP for stronger isolation,
but may break third‑party scripts or embeds. Use with care and test on staging first.

#### Source code for third-party assets

The admin UI uses SlimSelect for the multi-select dropdown. Human-readable source
is included in the plugin:

 * JavaScript: `assets/js/slimselect.js` (minified build: `assets/js/slimselect.
   min.js`)
 * CSS: `assets/css/slimselect.css` (minified build: `assets/css/slimselect.min.
   css`)

Upstream project: https://github.com/brianvoe/slim-select (MIT). This plugin does
not use a custom build process; the included files are from the published release.

## Rakibaad

 1. Upload the `headershield` plugin folder to `/wp-content/plugins/`, or install via**
    Plugins  Add New** and search for HeaderShield.
 2. Activate the plugin through the **Plugins** menu in WordPress.
 3. Go to **Security Headers** in the admin sidebar to configure settings.

#### Optional: use as must-use plugin

You can also copy the main plugin file into `/wp-content/mu-plugins/` so it is always
active and cannot be disabled from the Plugins screen.

## SBI

### Will this break my site?

The default headers are conservative and should be safe for most sites. Strict Mode
may break embeds, analytics, fonts, or CDNs, so test on staging first.

### Does this affect SEO?

No. These headers improve browser security and do not affect SEO.

## Dibu-eegisyo

Ma jiraan wax dibu-eegis ah oo ku saabsan kaabahan.

## Ka-qaybgalayaasha & Horumariyayaasha

“HeaderShield” waa softiweer il furan. Dadka soo socda ayaa wax ku biiriyay kaabahan.

Ka-qaybgalayaasha

 *   [ Vishwa ](https://profiles.wordpress.org/sbvi1122/)
 *   [ vishvega ](https://profiles.wordpress.org/vishvega/)

[Ku tarjun “HeaderShield” luqaddaada.](https://translate.wordpress.org/projects/wp-plugins/headershield)

### Ma xiisaynaysaa horumarinta?

[Baadh koodka](https://plugins.trac.wordpress.org/browser/headershield/), fiiri 
[bakhaarka SVN](https://plugins.svn.wordpress.org/headershield/), ama iska qor [diiwaanka horumarinta](https://plugins.trac.wordpress.org/log/headershield/)
adigoo adeegsanaya [RSS](https://plugins.trac.wordpress.org/log/headershield/?limit=100&mode=stop_on_copy&format=rss).

## Isbeddellada

#### 1.0.14

 * Initial public release.

## Meta

 *  Version **1.0.14**
 *  Last updated **2 todobaad kahor**
 *  Active installations **In ka yar 10**
 *  WordPress version ** 5.0 ama ka sareeya **
 *  Tested up to **6.9.4**
 *  PHP version ** 7.4 ama ka sareeya **
 *  Language
 * [English (US)](https://wordpress.org/plugins/headershield/)
 * Tags
 * [csp](https://so.wordpress.org/plugins/tags/csp/)[hardening](https://so.wordpress.org/plugins/tags/hardening/)
   [headers](https://so.wordpress.org/plugins/tags/headers/)[hsts](https://so.wordpress.org/plugins/tags/hsts/)
   [security](https://so.wordpress.org/plugins/tags/security/)
 *  [Aragti Sare](https://so.wordpress.org/plugins/headershield/advanced/)

## Qiimeynta

No reviews have been submitted yet.

[Ku dar dibu-eegistayda](https://wordpress.org/support/plugin/headershield/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/headershield/reviews/)

## Ka-qaybgalayaasha

 *   [ Vishwa ](https://profiles.wordpress.org/sbvi1122/)
 *   [ vishvega ](https://profiles.wordpress.org/vishvega/)

## Taageero

Ma heysaa waxaad dhahdo? Caawimaad ma u baahan tahay?

 [Eeg madasha taageerada](https://wordpress.org/support/plugin/headershield/)

## Ku deeq

Ma jeclaan lahayd inaad taageerto horumarinta kaabahan?

 [ Ugu deeq kaabahan ](https://wordpress.org/support/plugin/headershield/)