Marvelous Tool for various Security Header settings

Great tool. Novices, beware, the myriad of settings is a bit daunting at first so you need to dive into the subtleties of Header settings, specifically the ones that address security settings for your site.

A good resource for the broad variety of settings for Content Security Policy as well as other important Header settings such as X-Frame-Options, X-Content-Type-Options, Strict-Transport-Security, Referrer-Policy and Permissions Policy can be found at cheatsheetseries owasp org.

Take your time working out which settings work best for your site. Getting a good rating at securityheaders com will reward you for your efforts.

While the tool respects your initial .htaccess content it’s a good idea to backup your .htaccess before saving and applying the plugins settings.