Title: HeaderShield
Author: Vishwa
Published: <strong>20. März 2026</strong>
Last modified: 20. März 2026

---

Plugins suchen

![](https://ps.w.org/headershield/assets/banner-772x250.png?rev=3487110)

![](https://ps.w.org/headershield/assets/icon.svg?rev=3487110)

# HeaderShield

 Von [Vishwa](https://profiles.wordpress.org/sbvi1122/)

[Herunterladen](https://downloads.wordpress.org/plugin/headershield.1.0.14.zip)

[Live-Vorschau](https://de.wordpress.org/plugins/headershield/?preview=1)

 * [Details](https://de.wordpress.org/plugins/headershield/#description)
 * [Rezensionen](https://de.wordpress.org/plugins/headershield/#reviews)
 *  [Installation](https://de.wordpress.org/plugins/headershield/#installation)
 * [Entwicklung](https://de.wordpress.org/plugins/headershield/#developers)

 [Support](https://wordpress.org/support/plugin/headershield/)

## Beschreibung

HeaderShield adds a conservative set of security headers that improve browser protection
without breaking most sites. It also provides optional strict cross-origin protections
for sites that are ready for them.

Default headers include:

 * X-Frame-Options
 * X-Content-Type-Options
 * X-XSS-Protection (legacy)
 * Referrer-Policy
 * Permissions-Policy
 * Content-Security-Policy (upgrade-insecure-requests)
 * Strict-Transport-Security (HTTPS only)

Strict Mode can additionally enable COEP, COOP, and CORP for stronger isolation,
but may break third‑party scripts or embeds. Use with care and test on staging first.

#### Source code for third-party assets

The admin UI uses SlimSelect for the multi-select dropdown. Human-readable source
is included in the plugin:

 * JavaScript: `assets/js/slimselect.js` (minified build: `assets/js/slimselect.
   min.js`)
 * CSS: `assets/css/slimselect.css` (minified build: `assets/css/slimselect.min.
   css`)

Upstream project: https://github.com/brianvoe/slim-select (MIT). This plugin does
not use a custom build process; the included files are from the published release.

## Installation

 1. Upload the `headershield` plugin folder to `/wp-content/plugins/`, or install via**
    Plugins  Add New** and search for HeaderShield.
 2. Activate the plugin through the **Plugins** menu in WordPress.
 3. Go to **Security Headers** in the admin sidebar to configure settings.

#### Optional: use as must-use plugin

You can also copy the main plugin file into `/wp-content/mu-plugins/` so it is always
active and cannot be disabled from the Plugins screen.

## FAQ

### Will this break my site?

The default headers are conservative and should be safe for most sites. Strict Mode
may break embeds, analytics, fonts, or CDNs, so test on staging first.

### Does this affect SEO?

No. These headers improve browser security and do not affect SEO.

## Rezensionen

Für dieses Plugin gibt es keine Rezensionen.

## Mitwirkende und Entwickler

„HeaderShield“ ist Open-Source-Software. Folgende Menschen haben an diesem Plugin
mitgewirkt:

Mitwirkende

 *   [ Vishwa ](https://profiles.wordpress.org/sbvi1122/)
 *   [ vishvega ](https://profiles.wordpress.org/vishvega/)

[Übersetze „HeaderShield“ in deine Sprache.](https://translate.wordpress.org/projects/wp-plugins/headershield)

### Interessiert an der Entwicklung?

[Durchstöbere den Code](https://plugins.trac.wordpress.org/browser/headershield/),
sieh dir das [SVN-Repository](https://plugins.svn.wordpress.org/headershield/) an
oder abonniere das [Entwicklungsprotokoll](https://plugins.trac.wordpress.org/log/headershield/)
per [RSS](https://plugins.trac.wordpress.org/log/headershield/?limit=100&mode=stop_on_copy&format=rss).

## Änderungsprotokoll

#### 1.0.14

 * Initial public release.

## Meta

 *  Version **1.0.14**
 *  Zuletzt aktualisiert **vor 2 Monaten**
 *  Aktive Installationen **weniger als 10**
 *  WordPress-Version ** 5.0 oder höher **
 *  Getestet bis **6.9.4**
 *  PHP-Version ** 7.4 oder höher **
 *  Sprache
 * [English (US)](https://wordpress.org/plugins/headershield/)
 * Schlagwörter
 * [csp](https://de.wordpress.org/plugins/tags/csp/)[hardening](https://de.wordpress.org/plugins/tags/hardening/)
   [headers](https://de.wordpress.org/plugins/tags/headers/)[hsts](https://de.wordpress.org/plugins/tags/hsts/)
   [security](https://de.wordpress.org/plugins/tags/security/)
 *  [Erweiterte Ansicht](https://de.wordpress.org/plugins/headershield/advanced/)

## Bewertungen

Es wurden noch keine Rezensionen eingereicht.

[Your review](https://wordpress.org/support/plugin/headershield/reviews/#new-post)

[Alle Rezensionen anzeigen](https://wordpress.org/support/plugin/headershield/reviews/)

## Mitwirkende

 *   [ Vishwa ](https://profiles.wordpress.org/sbvi1122/)
 *   [ vishvega ](https://profiles.wordpress.org/vishvega/)

## Support

Möchtest du etwas mitteilen? Brauchst du Unterstützung?

 [Support-Forum anzeigen](https://wordpress.org/support/plugin/headershield/)

## Spenden

Möchtest du die Weiterentwicklung dieses Plugins unterstützen?

 [ Für dieses Plugin spenden ](https://wordpress.org/support/plugin/headershield/)