Plugin0 - Build Features & Discover WordPress Plugins with AIBeta
Home Plugins wordsentinel
WordSentinel logo

WordSentinel

by Nexsol Technologies on WordPress.org

Secure your WordPress website with advanced HTTP headers, intelligent CSP management, and integrated Mozilla Observatory security analysis.

(0)
The dashboard gives you an overview of your site's current ratings, scan history and benchmark comparison.

The dashboard gives you an overview of your site's current ratings, scan history and benchmark comparison.

The WordSentinel plugin by Nexsol Technologies Sàrl enhances your WordPress website’s security by automatically applying and managing HTTP security headers — including Content Security Policy (CSP) — while providing live security analysis powered by Mozilla Observatory.

Unlike simple header managers, WordSentinel actively helps you understand, measure, and improve your site’s protection.
It provides clear dashboards, actionable insights, and real-time grading so you can reinforce your headers with confidence — no deep technical knowledge required.

What WordSentinel Does

WordSentinel helps protect your WordPress website against common web vulnerabilities such as:
– Cross-Site Scripting (XSS)
– Clickjacking attacks
– Content injection and mixed content issues
– Insecure resource loading (scripts, iframes, styles)

It does so by implementing a complete and configurable set of browser-level security headers, giving you granular control over each directive.

In addition, it connects securely to Mozilla Observatory to scan your site and assign a security grade (A+ to F), helping you benchmark your configuration and understand what needs improvement.

Key Features

  • Comprehensive HTTP Header Management
    Easily configure headers such as:

    • Content Security Policy (CSP)
    • Strict-Transport-Security (HSTS)
    • X-Frame-Options
    • Referrer-Policy
    • X-Content-Type-Options
    • Permissions-Policy

  • Real-Time Security Analysis
    Instantly scan your site via Mozilla Observatory and get a visual security grade.
    The plugin automatically handles rate limits with built-in cooldown protection.

  • Advanced CSP Management
    Create, test, and refine your CSP rules dynamically.
    WordSentinel now supports automatic hash generation for inline scripts and styles, improving both flexibility and security.

  • Smart License and Subscription System
    The free version covers essential headers and analysis.
    Premium users unlock advanced CSP tools, automatic reports, and custom integrations.
    Licenses are securely validated through Nexsol’s API and cached locally for 24 hours.

  • Optimized for Local and Production Environments
    Automatically detects if you are running on localhost and disables API calls for safe testing.

  • Performance and Privacy First
    WordSentinel is lightweight, privacy-respecting, and runs entirely within WordPress.
    No telemetry, analytics, or tracking are ever collected.

  • Multilingual and Accessible Interface
    Translated into six languages with an adaptive design inspired by Mozilla’s clean security aesthetic.

Why Choose WordSentinel?

  • Easy setup — no coding skills required
  • Combines security headers and observatory analysis in one plugin
  • Works seamlessly with most WordPress security and caching plugins
  • Developed and maintained by Nexsol Technologies, a Swiss-based IT company
  • Transparent, privacy-respecting, and GPL-licensed

WordSentinel merges modern web security standards with a simple and intuitive configuration experience — making it a must-have for both developers and site owners who care about protection and compliance.

External Services and API Usage

WordSentinel securely connects to a small number of external APIs to perform license validation and site analysis:

  • Mozilla Observatory API – Used to analyze your website’s HTTP headers and generate a public security grade.
    Data sent: only your site’s public URL.
    Service: https://observatory.mozilla.org/api/

  • Nexsol License Validation API – Used to verify premium licenses and maintain secure feature access.
    Data sent: license key only.
    Service: https://api.nexsol-tech.ch/wordsentinel/licenses

  • Nexsol Public Key API – Used to securely retrieve the public keys required for validating license signatures.
    Data sent: none.
    Service: https://api.nexsol-tech.ch/wordsentinel/certs

All requests are transmitted securely via HTTPS.
WordSentinel never sends personal information, usage analytics, or tracking data of any kind.

Languages Supported

  • English (default)
  • Français (fr_FR)
  • Deutsch (de_DE)
  • Italiano (it_IT)
  • Español (es_ES)
  • Português Brasileiro (pt_BR)

License

This plugin is licensed under the GPLv2 or later.
See the GPLv2 License for details: https://www.gnu.org/licenses/gpl-2.0.html

Support

For documentation, updates, and premium features, visit https://nexsol-tech.ch/wordsentinel

Active installations0+
Weekly downloads
61-7.58%
Version1.2.3
Last updated10/31/2025
WordPress version5.8
Tested up to6.8.3
PHP version7.0
Tags
cspheaderssecuritysslWordPress

Related Plugins

Smart Language Select Disabler for Polylang logo

Smart Language Select Disabler for Polylang

Why this plugin exists?

80+
Post word count in admin logo

Post word count in admin

This plugin will help to count the number of words will show as new column at posts.

10+
Yubikey logo

Yubikey

Enhanced login security for WordPress by requiring the presentation of a One Time Password (OTP) from a registered Yubikey

10+