Add-ons

Thumbnail
HTTP Headers

Developed by

Expert
Expert
1 Review
Not Version 9 Ready Yet.
Free Add 1
Download Archive
I've been playing with the .htaccess settings for few weeks, didn't quite get all the green lights with ‘https://www…

Steevb

Response headers allow a server to send additional information with a response. HTTP response headers can be used for many purposes. E.g. to tell how long a result may be cached, which server the request handled, or what kind of data is returned. The HTTP Headers add-on focuses on security headers.

Available headers

The following response headers can be configured:

  • Content-Security-Policy (CSP)
  • Referrer-Policy
  • Strict-Transport-Security
  • X-Content-Type-Options
  • X-XSS-Protection

Target audience

HTTP Headers is an add-on for advanced users. It can be used by beginners, but it is expected the user is familiar with HTTP headers and how they should be configured.

Testing

Once HTTP Headers is installed, you can also inspect the response headers via the dashboard Test page. You'd also run a scan via https://securityheaders.com, or run a cURL command, e.g. with curl -I https://www.example.com (the -I makes sure only the headers are shown).

Compatibility

- PHP 5.6+
- concrete5 8.3.1+

See all add-ons from A3020

Current Version: 1.0.1
Fully Translatable: Yes
Needs External Libraries: No
Compatible 8.3.1+
License: Standard
Support Response: Replies to tickets every few days.
Support Hosted: On marketplace.concretecms.com
Needs extra server permissions: No
Needs Internet: No
Marketplace Tests:
Passed Automated Tests
Passed PRB Review
Get Help
Reviews Version History FAQ Translate
Related