This WordPress Plugin add secure headers to you WordPress site.
The Following Headers are included:
– Strict-Transport-Security: Enforces SSL if your website is using SSL (which it should be)
– X-Frame-Options: Prevents Clickjacking
– X-XSS-Protection: Prevents XSS attacks
– X-Content-Type-Options: set to ‘nosniff to prevent MIME-type sniffing
– Referrer-Policy: set to ‘no-referrer-when-downgrade’