Title: HTTP Security Headers
Last modified: November 18, 2022

---

# HTTP Security Headers

 *  [solsouldesigns](https://wordpress.org/support/users/solsouldesigns/)
 * (@solsouldesigns)
 * [3 years, 6 months ago](https://wordpress.org/support/topic/http-security-headers-3/)
 * In looking at WP Cerber documentation and forums, I am unclear how your (free)
   plugin implements and options to handle HTTP Security Headers. I recently did
   a security audit for a specific client website (got an A grade) but it suggests
   a fix to hardened HTTP Security Headers by adding the following 1) strict-transport-
   security, 2)x-content-type-options, 3) x-frame-options, and 4) x-xss-protection
   OR content-security-policy (one required). My client’s website does not transmit
   sensitive data, so I might not add these, but my other websites do, so I would
   like to implement these headers to specific websites that would benefit from 
   extra layer of security. I understand that these can be added to .htaccess file
   but I am wondering if I am missing something on the (free version) WP Cerber 
   plugin or if there are reason that are not included in the plugin. I am considering
   the pro version for my other client’s website, so if the pro version has these
   HTTP Security Headers options, I would like to know, because it’s unclear this
   is included. Keep up the great work, I am really liking this plugin. I switched
   from WordFence.

The topic ‘HTTP Security Headers’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/wp-cerber_77a9bf.svg)
 * [WP Cerber Security, Anti-spam & Malware Scan](https://wordpress.org/plugins/wp-cerber/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-cerber/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-cerber/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-cerber/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-cerber/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-cerber/reviews/)

 * 0 replies
 * 1 participant
 * Last reply from: [solsouldesigns](https://wordpress.org/support/users/solsouldesigns/)
 * Last activity: [3 years, 6 months ago](https://wordpress.org/support/topic/http-security-headers-3/)
 * Status: not resolved