Find Wordpress Plugins
0 votes, 0 avg.rating
For a perfectly secured website, you have to avoid ‘unsafe-eval’ and ‘unsafe-inline’ in your content-security-policy header. This plugin add nonces to script/style tags and add those nonces to the content-security-policy header, so your website will be more secure, even if there are other actions to perform in order to have a very strong protection. Features There are no settings, it’s a plug and play plugin. This plugin automaticallly: – add a nonce to each script and style tag and a sha256 hash to online events (onload / onclick) – generate Content Security Policy header with all nonces and hashes + basics (base-uri ‘self’, google fonts, gravatar, maxcdn.bootstrapcdn…) Tested / Works with no cache system, WP Rocket on Plesk (Nginx/Apache webserver) and Lscache (Openlitespeed/Litespeed webserver) Should work elsewhere, just say me and I’ll add your setup to this list. Requirements WordPress 5.0 or higher.