Title: Fix It Easy Security Headers Author: WP Fix It - WordPress Experts Published: 24. 8. 2025 Last modified: 24. 8. 2025 --- Prohledat pluginy ![](https://ps.w.org/fix-it-easy-security-headers/assets/banner-772x250.png?rev= 3349315) ![](https://ps.w.org/fix-it-easy-security-headers/assets/icon-256x256.gif?rev=3349315) # Fix It Easy Security Headers Autor: [WP Fix It – WordPress Experts](https://profiles.wordpress.org/wpfixit/) [Stáhnout](https://downloads.wordpress.org/plugin/fix-it-easy-security-headers.1.1.zip) * [Podrobnosti](https://cs.wordpress.org/plugins/fix-it-easy-security-headers/#description) * [Hodnocení](https://cs.wordpress.org/plugins/fix-it-easy-security-headers/#reviews) * [Instalace](https://cs.wordpress.org/plugins/fix-it-easy-security-headers/#installation) * [Vývojáři](https://cs.wordpress.org/plugins/fix-it-easy-security-headers/#developers) [Podpora](https://wordpress.org/support/plugin/fix-it-easy-security-headers/) ## Popis **WP Fix It Easy Security Headers** adds a simple page under **Tools Security Headers** where you can toggle common HTTP security headers: * **Strict-Transport-Security (HSTS)** * **Content-Security-Policy (CSP)** * **X-Frame-Options** * **X-Content-Type-Options** * **Referrer-Policy** * **Permissions-Policy** On activation, all headers are **enabled by default** and you’re redirected to the settings screen. For convenience, the page and the Plugins screen include a **“Check Headers”** button that opens SecurityHeaders.com with your site’s URL prefilled (built dynamically from `home_url()`). ### Notes on CSP This plugin ships with a **permissive** default CSP intended to “work everywhere” out of the box (allows most external sources and inline code). For stronger protection, you should harden the directives for your specific site. ### Key Features * One-click toggles for popular headers * Dynamic “Check Headers” scan link * Uses the WordPress Settings API (nonce + capability checks) * Output escaping and sanitization following PHPCS ## Snímky obrazovky * [[ * Settings screen with header toggles and “Check Headers” button. ## Instalace 1. Upload the plugin folder to `/wp-content/plugins/fix-it-easy-security-headers/` or install via Plugins Add New. 2. Activate the plugin. 3. You’ll be redirected to **Tools Security Headers**. Review and adjust toggles as needed. 4. (Optional) Click **Check Headers** to verify your headers on SecurityHeaders.com. ## Nejčastější dotazy ### Where do I manage the settings? Go to **Tools Security Headers**. ### What happens on activation? All header options are enabled and you’re redirected once to the settings page. ### Will this break my site? Most headers are safe defaults. The provided CSP is intentionally permissive; it shouldn’t block assets. For strict CSPs, tailor directives to your stack and test. ### Can I use this on multisite? Yes. The “Check Headers” URL is derived from `home_url()`. Activation redirect is skipped for network/bulk activations. ### Why don’t I see a “Settings saved” notice twice? The page prints only this plugin’s scoped settings messages to avoid duplicate notices. ### Can I customize the CSP? Yes. You can modify the `$csp` string in `security_headers_add_headers()` to fit your site’s needs. ## Recenze Pro tento plugin nejsou žádné recenze. ## Autoři Fix It Easy Security Headers je otevřený software. Následující lidé přispěli k vývoji tohoto pluginu. Spolupracovníci * [ WP Fix It – WordPress Experts ](https://profiles.wordpress.org/wpfixit/) [Přeložte “Fix It Easy Security Headers” do svého jazyka.](https://translate.wordpress.org/projects/wp-plugins/fix-it-easy-security-headers) ### Zajímá vás vývoj? [Prohledejte kód](https://plugins.trac.wordpress.org/browser/fix-it-easy-security-headers/), podívejte se do [SVN repozitáře](https://plugins.svn.wordpress.org/fix-it-easy-security-headers/), nebo se přihlaste k[ odběru protokolu vývoje](https://plugins.trac.wordpress.org/log/fix-it-easy-security-headers/) pomocí [RSS](https://plugins.trac.wordpress.org/log/fix-it-easy-security-headers/?limit=100&mode=stop_on_copy&format=rss). ## Přehled změn #### 1.1 * Initial release. * Header toggles for HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer- Policy, Permissions-Policy. * Activation enables all options and redirects to settings. * Dynamic SecurityHeaders.com scan link. ## Meta * Verze **1.1** * Poslední aktualizace **před 8 měsíců** * Aktivních instalací **10+** * Verze WordPressu ** 5.8 nebo novější ** * Testováno až do WordPressu **6.8.5** * Verze PHP ** 7.4 nebo novější ** * Jazyk * [English (US)](https://wordpress.org/plugins/fix-it-easy-security-headers/) * Štítky * [csp](https://cs.wordpress.org/plugins/tags/csp/)[headers](https://cs.wordpress.org/plugins/tags/headers/) [hsts](https://cs.wordpress.org/plugins/tags/hsts/)[security](https://cs.wordpress.org/plugins/tags/security/) * [Podrobnosti](https://cs.wordpress.org/plugins/fix-it-easy-security-headers/advanced/) ## Hodnocení Zatím nebyly zadány žádné recenze. [Your review](https://wordpress.org/support/plugin/fix-it-easy-security-headers/reviews/#new-post) [Zobrazit všechny recenze](https://wordpress.org/support/plugin/fix-it-easy-security-headers/reviews/) ## Spolupracovníci * [ WP Fix It – WordPress Experts ](https://profiles.wordpress.org/wpfixit/) ## Podpora Potřebujete pomoc? [Fórum podpory](https://wordpress.org/support/plugin/fix-it-easy-security-headers/) ## Dary Chtěli byste podpořit vývoj tohoto pluginu? [ Přispět na tento plugin ](https://www.wpfixit.com)