Title: BoundaryGuard Headers Author: Jay Suthar Published: 29. december, 2025 Last modified: 5. januar, 2026 --- Søg plugins ![](https://ps.w.org/boundaryguard-headers/assets/banner-772x250.png?rev=3428818) ![](https://ps.w.org/boundaryguard-headers/assets/icon-256x256.png?rev=3428818) # BoundaryGuard Headers Af [Jay Suthar](https://profiles.wordpress.org/jsjack74/) [Download](https://downloads.wordpress.org/plugin/boundaryguard-headers.1.0.0.zip) * [Detaljer](https://da.wordpress.org/plugins/boundaryguard-headers/#description) * [Vurderinger](https://da.wordpress.org/plugins/boundaryguard-headers/#reviews) * [Installation](https://da.wordpress.org/plugins/boundaryguard-headers/#installation) * [Udvikling](https://da.wordpress.org/plugins/boundaryguard-headers/#developers) [Support](https://wordpress.org/support/plugin/boundaryguard-headers/) ## Beskrivelse BoundaryGuard Headers enforces modern HTTP security headers to harden your WordPress site against XSS, clickjacking, mixed content, and cross-origin attacks. **Key Features:** * **Essential Protection:** Adds X-Frame-Options, X-Content-Type-Options, Referrer- Policy, and Permissions-Policy to reduce attack surface and prevent clickjacking. * **HSTS (Strict Transport Security):** Forces HTTPS connections to help prevent protocol downgrade and man-in-the-middle attacks. * **Advanced Isolation (COOP/COEP):** Enables Cross-Origin-Opener-Policy and Cross- Origin-Embedder-Policy to improve cross-origin isolation and mitigate certain side-channel attacks. * **Content Security Policy (CSP):** One of the strongest defenses against XSS. Includes a dashboard-based CSP builder with preset options to whitelist trusted sources for scripts, styles, images, and more. * **CSP Report-Only Mode:** Test your policy safely without blocking content. * **Server Header Hardening:** Removes or limits exposure of headers such as `X- Powered-By` and `Server`. * **Lightweight and Fast:** Uses PHP headers for broad server compatibility and minimal performance impact. * **No `.htaccess` Editing Required:** Works without modifying server configuration files. Designed for developers and site owners who want stronger security without unnecessary complexity. ### External Services This plugin provides a Content Security Policy (CSP) builder. To assist users, it includes “Preset Buttons” that allow users to quickly add domain names to their own CSP whitelist. **This plugin DOES NOT connect to, load data from, or send data to these services automatically.** The following third-party domains are referenced as presets within the admin dashboard for whitelisting purposes: * Google Analytics (www.google-analytics. com) – Used for tracking whitelisting. [Privacy: https://policies.google.com/privacy]* Google Tag Manager (www.googletagmanager.com) – Used for tag management. [Privacy: https://policies.google.com/privacy] * Stripe (js.stripe.com, api.stripe.com) – Used for payment processing. [Privacy: https://stripe.com/privacy] * Facebook (www. facebook.com, connect.facebook.net) – Used for social embeds. [Privacy: https:// www.facebook.com/policy.php] * YouTube (www.youtube.com, i.ytimg.com) – Used for video embeds. [Privacy: https://policies.google.com/privacy] * Vimeo (player.vimeo. com) – Used for video embeds. [Privacy: https://vimeo.com/privacy] * Gravatar (secure. gravatar.com) – Used for user avatars. [Privacy: https://automattic.com/privacy/] ## Installation 1. Upload the `boundaryguard-headers` folder to the `/wp-content/plugins/` directory. 2. Activate the plugin through the **Plugins** menu in WordPress. 3. Configure the settings from **Settings BoundaryGuard Headers**. ## FAQ ### Does this plugin edit .htaccess? No. BoundaryGuard Headers uses PHP headers, which improves compatibility across different hosting environments. ### Can I test Content Security Policy without breaking my site? Yes. The plugin includes a **CSP Report-Only Mode** that allows you to monitor policy violations without blocking any resources. ### Will this affect site performance? No. The plugin is lightweight and adds negligible overhead, as headers are sent as part of the normal HTTP response. ## Anmeldelser ![](https://secure.gravatar.com/avatar/c344067e40ea7ac6265911750c5634490947a5aac22fcc81cab5c0bd68a2ed5e? s=60&d=retro&r=g) ### 󠀁[Best plugin for security](https://wordpress.org/support/topic/best-plugin-for-security-3/)󠁿 [jaymakadiya](https://profiles.wordpress.org/jaymakadiya/) 30. december, 2025 I’ve been using BoundaryGuard Headers on my WordPress site, and overall it’s a very helpful security plugin. It focuses on adding important HTTP security headers — like Content Security Policy, X-Frame-Options, and HSTS — which helps protect the site from things like XSS attacks and clickjacking. [ Læs 1 anmeldelse ](https://wordpress.org/support/plugin/boundaryguard-headers/reviews/) ## Bidragsydere & udviklere “BoundaryGuard Headers” er open source-software. Følgende personer har bidraget til dette plugin. Bidragsydere * [ Jay Suthar ](https://profiles.wordpress.org/jsjack74/) [Oversæt “BoundaryGuard Headers” til dit eget sprog.](https://translate.wordpress.org/projects/wp-plugins/boundaryguard-headers) ### Interesseret i udvikling? [Gennemse koden](https://plugins.trac.wordpress.org/browser/boundaryguard-headers/), tjek [SVN repository](https://plugins.svn.wordpress.org/boundaryguard-headers/), eller abonner på [udviklerloggen](https://plugins.trac.wordpress.org/log/boundaryguard-headers/) via [RSS](https://plugins.trac.wordpress.org/log/boundaryguard-headers/?limit=100&mode=stop_on_copy&format=rss). ## Ændringslog #### 1.0.0 * Initial release * Added essential HTTP security headers * Implemented HSTS support * Added CSP builder with report-only mode ## Meta * Version **1.0.0** * Senest opdateret **3 måneder siden** * Aktive installationer **Færre end 10** * WordPress-version ** 6.0 eller højere ** * Testet op til **6.9.4** * PHP-version ** 7.4 eller højere ** * Sprog * [English (US)](https://wordpress.org/plugins/boundaryguard-headers/) * Tags * [csp](https://da.wordpress.org/plugins/tags/csp/)[hsts](https://da.wordpress.org/plugins/tags/hsts/) [http-headers](https://da.wordpress.org/plugins/tags/http-headers/)[security](https://da.wordpress.org/plugins/tags/security/) [xss](https://da.wordpress.org/plugins/tags/xss/) * [Avanceret visning](https://da.wordpress.org/plugins/boundaryguard-headers/advanced/) ## Bedømmelser 5 ud af 5 stjerner. * [ 1 5-stjernet anmeldelse ](https://wordpress.org/support/plugin/boundaryguard-headers/reviews/?filter=5) * [ 0 4-stjernet anmeldelser ](https://wordpress.org/support/plugin/boundaryguard-headers/reviews/?filter=4) * [ 0 3-stjernet anmeldelser ](https://wordpress.org/support/plugin/boundaryguard-headers/reviews/?filter=3) * [ 0 2-stjernet anmeldelser ](https://wordpress.org/support/plugin/boundaryguard-headers/reviews/?filter=2) * [ 0 1-stjernet anmeldelser ](https://wordpress.org/support/plugin/boundaryguard-headers/reviews/?filter=1) [Tilføj min vurdering](https://wordpress.org/support/plugin/boundaryguard-headers/reviews/#new-post) [Se alle anmeldelser.](https://wordpress.org/support/plugin/boundaryguard-headers/reviews/) ## Bidragsydere * [ Jay Suthar ](https://profiles.wordpress.org/jsjack74/) ## Support Har du noget at sige? Har du brug for hjælp? [Vis supportforum](https://wordpress.org/support/plugin/boundaryguard-headers/)