Last Chance: Cyber Monday 40% OFF

Days
Hours
Minutes

USE CODE: CM2022

What is a Content Security Policy?

Tackle WordPress weaknesses and fortify your website Learn more

The Content Security Policy (CSP) is a security header that tells the browser what content it is allowed to load. It can be used to prevent attacks on website visitors such as Cross Site Scripting (XSS) and Clickjacking. The Content Security Policy uses the Same Origin Policy mechanism to ensure the browser only loads resources from trusted sources. With the Content Security Policy you can prevent browsers from loading scripts, images, css etc from untrusted sources like third party sites or insecure connections. It can also limit certain functions in scripts, restrict where the browser can send the data from completed forms and prevent your site being loaded in an iframe.

The Content Security Policy can be difficult  to setup and some functions cannot be applied to a WordPress site without breaking it.  Setting a Content Security Policy should be done with careful testing in report-only mode first to determine potential issues. Really Simple SSL Pro has a unique learning mode that will detect the resources used by visitors of your website and subsequently lets you approve them to effortlessly construct a Content Security Policy without breaking your website.

In short:

  • A correctly configured Content Security Policy can protect your visitors from the most common web attacks
  • Configuring a Content Security Policy can be challenging and may break your site if not done correctly
  • Really Simple SSL Pro’s unique learning mode can automate the setup of a Content Security Policy for your WordPress website

Table of Contents

Peter Tak

Peter Tak

Security Officer at Really Simple Plugins

Read More

Advanced Security

Tackle WordPress weaknesses and fortify your website. New hardening features!

Definitions

Want to know the in and outs of security jargon? Get to know our features.

Premium support will offer assistance in 24 hours. If you need help, or have any questions just contact our awesome support team/

Related articles