Reply 275343 to: Content Security Policy (CSP)

Avatar: Muhammad Zaki
Muhammad Zaki
Support staff
February 19, 2021 at 19:27

Hello!

Setting up the CSP header is a very complex and difficult task. The plugins used on the site may have different settings so there are no general standards.

So first of all to set up CSP headers, I would suggest you please use this plugin:https://wordpress.org/plugins/content-security-policy-pro/. It also gives the option to disable the CSP on the back-end so no plugin conflict arises.

I have personally not tested it but it seems effective in defining CSP and has a simple interface. Please also remember that it is a third-party plugin and we do not guarantee that it will work with your setup but you can give it a try.

Another way is to add the CSP rules to the .htaccess file. You will have to add rules for google font, analytics, etc.

I see this detailed document you can take help from for adding your rules to .htaccess.
https://walterebert.com/blog/using-csp-wordpress/

Please let me know if you have any concerns regarding this, we would love to assist you.

Thank you!

Go To The Whole Conversation In Topic
We're using our own and third-party cookies to improve your experience and our website. Keep on browsing to accept our cookie policy.