CSP-ANTS&ST

CSP-ANTS&ST Install Statistics

0
100%
Today: 0 Yesterday: 0 All-time: 1,010 downloads
CSP-ANTS&ST Icon

Try plugin: CSP-ANTS&ST

We'll create fresh WordPress site with CSP-ANTS&ST installed. You have 20 minutes to test the plugin after that site we'll be deleted.

Takes ~10 seconds to install.

About CSP-ANTS&ST

Add a nonce to each script and style tags, sha256 hashes to inline events, and set them in CSP header.

2


0


1


0


1

updated: 2 years ago
since: 2 years ago
author: Pascal CESCATO

Description

For a perfectly secured website, you have to avoid ‘unsafe-eval’ and ‘unsafe-inline’ in your content-security-policy header.
This plugin add nonces to script/style tags and add those nonces to the content-security-policy header, so your website will be more secure, even if there are other actions to perform in order to have a very strong protection.

Features

There are no settings, it’s a plug and play plugin.
This plugin automaticallly:
– add a nonce to each script and style tag and a sha256 hash to online events (onload / onclick)
– generate Content Security Policy header with all nonces and hashes + basics (base-uri ‘self’, google fonts, gravatar, maxcdn.bootstrapcdn…)

Tested / Works with no cache system, WP Rocket on Plesk (Nginx/Apache webserver) and Lscache (Openlitespeed/Litespeed webserver)
Should work elsewhere, just say me and I’ll add your setup to this list.

Requirements

  • WordPress 5.0 or higher.