CSP policy implementation via SiteGround Security would be good if it is easy to understand and if it could immediately provide feedback on possible conflicts with various website technologies.
For me, CSP has been a difficult, nerdy thing to code. I tried a couple CSP plugins in the WordPress repository. They were not satisfactory. Then I found online tips for manually inserting CSP code into functions.php.
So far, I have had a hard time balancing a high score from a website security scanner like Mozilla Observatory with certain web functions. It was a challenge adjusting the security settings so that styles, fonts and media (like the MP3 player) would not be blocked. A content security policy on one of my client’s websites was blocking reCAPTCHA, so we turned off CSP.
