Content Security Policy (CSP) - by Nick - on WordPress WooCommerce support

This topic has 4 replies, 3 voices, and was last updated 3 years, 5 months ago ago by Muhammad Zaki

  • Avatar: Nick
    February 19, 2021 at 01:40

    Hello guys,

    I would like to add Content-Security-Policy header to my website. However, it was messed my website content. How do i apply it safely or you guys has it for xStore theme?

    Here is what i used:

    Header always set Content-Security-Policy “default-src ‘self’; font-src *;img-src * data:; script-src *; style-src *;”

    3 Answers
    Avatar: Olga Barlow
    Olga Barlow
    Support staff
    February 19, 2021 at 14:52


    Where did you use that? Did you try plugin to implement Content-Security-Policy header?


    Avatar: Nick
    February 19, 2021 at 18:35

    Hi Olga,

    I have added it to Apache directive settings on my domain. Shield Security is great, but not free…lol. Im looking for independency solution.

    Avatar: Muhammad Zaki
    Muhammad Zaki
    Support staff
    February 19, 2021 at 19:27


    Setting up the CSP header is a very complex and difficult task. The plugins used on the site may have different settings so there are no general standards.

    So first of all to set up CSP headers, I would suggest you please use this plugin: It also gives the option to disable the CSP on the back-end so no plugin conflict arises.

    I have personally not tested it but it seems effective in defining CSP and has a simple interface. Please also remember that it is a third-party plugin and we do not guarantee that it will work with your setup but you can give it a try.

    Another way is to add the CSP rules to the .htaccess file. You will have to add rules for google font, analytics, etc.

    I see this detailed document you can take help from for adding your rules to .htaccess.

    Please let me know if you have any concerns regarding this, we would love to assist you.

    Thank you!

  • Viewing 4 results - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.Log in/Sign up

Helpful Topics

We're using our own and third-party cookies to improve your experience and our website. Keep on browsing to accept our cookie policy.