I am an active community member and passionate concrete5 developer. My goal is to make useful, high quality add-ons to make your business more succesful and to grow concrete5. In case you are looking for a developer, I am available for work!

Thumbnail
HTTP Headers

Developed by

Expert
Expert

Response headers allow a server to send additional information with a response. HTTP response headers can be used for many purposes. E.g. to tell how long a result may be cached, which server the request handled, or what kind of data is returned. The HTTP Headers add-on focuses on security headers.

Available headers

The following response headers can be configured:

  • Content-Security-Policy (CSP)
  • Referrer-Policy
  • Strict-Transport-Security
  • X-Content-Type-Options
  • X-XSS-Protection

Target audience

HTTP Headers is an add-on for advanced users. It can be used by beginners, but it is expected the user is familiar with HTTP headers and how they should be configured.

Testing

Once HTTP Headers is installed, you can also inspect the response headers via the dashboard Test page. You'd also run a scan via https://securityheaders.com, or run a cURL command, e.g. with curl -I https://www.example.com (the -I makes sure only the headers are shown).

Compatibility

- PHP 5.6+
- concrete5 8.3.1+

See all add-ons from A3020

Current Version: 1.0.1
Fully Translatable: Yes
Needs External Libraries: No
Compatible 8.3.1+
License: Standard
Support Response: Replies to tickets every few days.
Support Hosted: On concrete5.org
Needs extra server permissions: No
Needs Internet: No
Marketplace Tests:
Passed Automated Tests
Passed PRB Review