Title: Security Headers Author: Joseph Mendez Published: 24 de Septiembre de 2022 Last modified: 26 de Marzo de 2026 --- Buscar plugins ![](https://ps.w.org/firstpage-sg-security-headers/assets/banner-772x250.png?rev =2789535) ![](https://ps.w.org/firstpage-sg-security-headers/assets/icon.svg?rev=2789535) # Security Headers Por [Joseph Mendez](https://profiles.wordpress.org/joshme21/) [Descargar](https://downloads.wordpress.org/plugin/firstpage-sg-security-headers.1.4.0.zip) * [Detalles](https://cl.wordpress.org/plugins/firstpage-sg-security-headers/#description) * [Reseñas](https://cl.wordpress.org/plugins/firstpage-sg-security-headers/#reviews) * [Instalación](https://cl.wordpress.org/plugins/firstpage-sg-security-headers/#installation) * [Desarrollo](https://cl.wordpress.org/plugins/firstpage-sg-security-headers/#developers) [Soporte](https://wordpress.org/support/plugin/firstpage-sg-security-headers/) ## Descripción Security Headers helps site owners manage modern browser security headers from inside WordPress. Features include: * Admin settings page under Settings > Security Headers * HSTS controls with preload warning * Referrer-Policy and X-Frame-Options settings * Permissions-Policy custom value field * Content-Security-Policy builder with Report-Only mode * Diagnostics screen showing configured headers * Test tool to fetch and inspect your live response headers * Import, export, and reset settings tools * Cleanup on uninstall ### Why security headers important? When auditing websites, security headers are frequently forgotten. Although some may argue that website security is unrelated to SEO, it does become so when a site is compromised and search traffic completely disappears. Everyone who publishes content online should pay special attention to security headers. Getting hacked is not good. You lose traffic, customers and it’s a pain to resolve all the issues. But good thing you’re smart and have searched for this plugin :). ## Instalación 1. Upload the plugin folder to `/wp-content/plugins/` 2. Activate the plugin in WordPress 3. Go to Settings > Security Headers 4. Save your preferred configuration ## FAQ ### Is Content-Security-Policy enabled by default? No. CSP is disabled by default because a strict policy can break scripts, styles, embeds, or third-party integrations if it is not configured carefully. ### Should I use Report-Only mode first? Yes. Report-Only mode is the safest way to start testing CSP because it reports problems without blocking resources. ### Does HSTS work on HTTP sites? No. HSTS should only be enabled when your site is fully available over HTTPS. ## Reseñas ![](https://secure.gravatar.com/avatar/043fa4640ad96d725a6e59cff4538afca1f74558ac131a2c04fb537f032fec21? s=60&d=retro&r=g) ### 󠀁[Site Killer](https://wordpress.org/support/topic/site-killer-3/)󠁿 [nofarrell](https://profiles.wordpress.org/nofarrell/) 29 de Mayo de 2023 No warning, no instruction of what to do if you site goes down, no configuration options, deleting the plugin directory does not resort your website. From my experience, unless you have hours with nothing better to do except rebuild your WordPress website, installing advise not to install this plugin ![](https://secure.gravatar.com/avatar/b6398168f573fac25a612a2eea6c89261fd77ca69cf66857f4df344d91b37a8a? s=60&d=retro&r=g) ### 󠀁[great work – A+ score indeed!!!!](https://wordpress.org/support/topic/great-work-a-score-indeed/)󠁿 [vevsglobal](https://profiles.wordpress.org/vevsglobalph/) 27 de Septiembre de 2022 I installed the plugin. great work!!!!!! from F score to A+ score. Thank you for creating this plugin, t was really hard to do it on a htaccess file and server configuration stuff not familiar… and with this plugin i dont need to touch teh htaccess file, it works. [ Leer los 2 comentarios ](https://wordpress.org/support/plugin/firstpage-sg-security-headers/reviews/) ## Colaboradores & Desarrolladores “Security Headers” es software de código abierto. Las siguientes personas han contribuido a este plugin. Colaboradores * [ Joseph Mendez ](https://profiles.wordpress.org/joshme21/) “Security Headers” ha sido traducido en 2 idiomas. Gracias a [los traductores](https://translate.wordpress.org/projects/wp-plugins/firstpage-sg-security-headers/contributors) por sus contribuciones. [Traduce “Security Headers” a tu idioma.](https://translate.wordpress.org/projects/wp-plugins/firstpage-sg-security-headers) ### ¿Interesado en el desarrollo? [Revisa el código](https://plugins.trac.wordpress.org/browser/firstpage-sg-security-headers/), echa un vistazo al [repositorio SVN](https://plugins.svn.wordpress.org/firstpage-sg-security-headers/), o suscríbete al [registro de desarrollo](https://plugins.trac.wordpress.org/log/firstpage-sg-security-headers/) por [RSS](https://plugins.trac.wordpress.org/log/firstpage-sg-security-headers/?limit=100&mode=stop_on_copy&format=rss). ## Historial de cambios #### 1.3.0 * Added diagnostics and live header testing tools in wp-admin. * Added import, export, and reset tools for plugin settings. * Added a configurable Content-Security-Policy builder with Report-Only support. * Added uninstall cleanup for stored plugin options. #### 1.2.0 * Added a WordPress admin settings page under Settings > Security Headers. * Added saved plugin options with sanitization and safer defaults. * Connected PHP and Apache header output to the saved admin settings. #### 1.1.0 * Updated plugin metadata for modern WordPress compatibility. * Removed deprecated legacy headers. * Limited default headers to a conservative modern set to reduce breakage. * Only sends HSTS on HTTPS requests. #### 1.0.0 * First release ## Meta * Versión **1.4.0** * Última actualización **hace 2 meses** * Instalaciones activas **700+** * Versión de WordPress ** 6.0 o superior ** * Probado hasta **6.9.4** * Versión de PHP ** 7.4 o superior ** * Idiomas * [English (US)](https://wordpress.org/plugins/firstpage-sg-security-headers/), [Spanish (Chile)](https://cl.wordpress.org/plugins/firstpage-sg-security-headers/), y [Spanish (Spain)](https://es.wordpress.org/plugins/firstpage-sg-security-headers/). * [Traducir a tu idioma](https://translate.wordpress.org/projects/wp-plugins/firstpage-sg-security-headers) * Etiqueta * [Security Headers](https://cl.wordpress.org/plugins/tags/security-headers/) * [Vista Avanzada](https://cl.wordpress.org/plugins/firstpage-sg-security-headers/advanced/) ## Calificaciones 3 de 5 estrellas. * [ 1 valoración de 5 estrellas ](https://wordpress.org/support/plugin/firstpage-sg-security-headers/reviews/?filter=5) * [ 0 valoraciones de 4 estrellas ](https://wordpress.org/support/plugin/firstpage-sg-security-headers/reviews/?filter=4) * [ 0 valoraciones de 3 estrellas ](https://wordpress.org/support/plugin/firstpage-sg-security-headers/reviews/?filter=3) * [ 0 valoraciones de 2 estrellas ](https://wordpress.org/support/plugin/firstpage-sg-security-headers/reviews/?filter=2) * [ 1 valoración de 1 estrellas ](https://wordpress.org/support/plugin/firstpage-sg-security-headers/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/firstpage-sg-security-headers/reviews/#new-post) [Ver todas las reseñas](https://wordpress.org/support/plugin/firstpage-sg-security-headers/reviews/) ## Colaboradores * [ Joseph Mendez ](https://profiles.wordpress.org/joshme21/) ## Soporte ¿Tienes algo que decir? ¿Necesitas ayuda? [Ver el foro de soporte](https://wordpress.org/support/plugin/firstpage-sg-security-headers/) ## Donar ¿Te gustaría apoyar el avance de este plugin? [ Donar para este plugin ](https://paypal.me/jose88882020)