Plugin0 - Build Features & Discover WordPress Plugins with AIBeta
Home Plugins security headers caching
Security Headers & Caching logo

Security Headers & Caching

by Studio Be4 on WordPress.org

Enhance your WordPress site security with HTTP security headers and improve performance with smart caching. Works with all hosting providers.

(0)
Main settings page with all security header options

Main settings page with all security header options

Security Headers & Caching is a comprehensive WordPress plugin that helps protect your website by implementing essential HTTP security headers and optimizing performance through intelligent caching mechanisms. Compatible with all hosting providers including Aruba, SiteGround, Bluehost, and more.

Key Features

  • Easy Configuration – Simple admin interface to enable/disable security headers
  • Multiple Security Headers – Comprehensive security header support
  • Smart Caching – Configurable cache duration for better performance
  • Universal Compatibility – Works with all hosting providers
  • No Conflicts – Compatible with popular security and caching plugins
  • Translation Ready – Full internationalization support

Security Headers Included

  • X-Powered-By – Removes server technology information to prevent targeted attacks
  • Content-Security-Policy (CSP) – Controls which resources can be loaded to prevent XSS attacks
  • Strict-Transport-Security (HSTS) – Forces HTTPS connections for enhanced security
  • X-XSS-Protection – Enables XSS filtering in older browsers
  • X-Frame-Options – Prevents clickjacking attacks by controlling iframe embedding
  • X-Content-Type-Options – Prevents MIME type sniffing
  • Referrer-Policy – Controls how much referrer information is shared
  • Permissions-Policy – Controls browser features and APIs

Caching Features

  • Configurable cache duration (seconds)
  • Automatic cache headers management
  • Compatible with CDN services
  • No conflict with existing cache plugins

Why Security Headers Matter

Security headers are HTTP response headers that tell your browser how to behave when handling your website’s content. They help protect against:

  • Cross-Site Scripting (XSS) attacks
  • Clickjacking attempts
  • Code injection attacks
  • MIME type sniffing
  • Protocol downgrade attacks
  • And much more…

Developer Friendly

The plugin provides filters for developers to customize headers:

  • shc_security_headers – Filter to modify security headers array

Test Your Security

After installing and configuring the plugin, test your site’s security at:
* Security Headers
* Mozilla Observatory

Privacy

This plugin does not collect, store, or transmit any user data. It only modifies HTTP response headers sent by your server.

Developer Documentation

Filters

shc_security_headers

Modify the security headers before they are sent.

add_filter( 'shc_security_headers', function( $headers ) {
    // Add custom header
    $headers['X-Custom-Header'] = 'custom-value';

    // Modify existing header
    $headers['X-Frame-Options'] = 'DENY';

    return $headers;
} );

Constants

  • SHC_VERSION – Plugin version number
  • SHC_PLUGIN_DIR – Plugin directory path
  • SHC_PLUGIN_URL – Plugin directory URL
  • SHC_PLUGIN_BASENAME – Plugin basename

Support

For support, feature requests, or bug reports, please visit:
* Plugin Website

Credits

Developed by Studio Be4 – Web Design & Development Agency

License

This plugin is licensed under the GPLv2 or later.

Active installations10+
Weekly downloads
23+2200.00%
Version7.4
Last updated10/8/2025
WordPress version5.9
Tested up to6.8.3
PHP version7.2
Tags
cachecspheadershstssecurity

Related Plugins

Force Plugin Updates logo

Force Plugin Updates

You may need to reinstall any of your plugins, juste check the plugins' box, select "Update", and that's all!

300+
GD Security Headers logo

GD Security Headers

Configure various security-related HTTP headers, including CSP, XSS, Referrer Policy and more.

2K+
HTTP Basic Auth logo

HTTP Basic Auth

Basic Auth for Wordpress.

300+