Hi @jmeyer2485,
I hope you are doing great.
Defender provides an option to implement security headers and you can find the same at Defender >> Tools >> Security headers.
Please find more details about the feature here: https://wpmudev.com/docs/wpmu-dev-plugins/defender/#security-headers
I hope that helps.
Kind Regards,
Nebu John
@wpmudevsupport14
You’re correct and they are all turned on but yet the test still shows that Content Security Policy is missing.
Hello @jmeyer2485 !
Apologies for a slight confusion here!
The CSP headers are not part of Defender yet, but we have plans to introduce them to the plugin as well.
The reason those aren’t possible to set up from Defender is that comparing to the other headers which have some simple options, CSP headers basically require a whole dedicated setup and configuration – it’s not just about turning them on. As it’s easy to make mistakes while setting them up, our team is taking some extra time to provide an interface which will help avoid any potential issues.
I’ll add your question as a vote towards this feature as well as our team is tracking the internet from the users.
Kind regards,
Pawel
