Title: HeaderShield Author: Vishwa Published: 2026 年 3 月 20 日 Last modified: 2026 年 3 月 20 日 --- 搜尋外掛 ![](https://ps.w.org/headershield/assets/banner-772x250.png?rev=3487110) ![](https://ps.w.org/headershield/assets/icon.svg?rev=3487110) # HeaderShield 由 [Vishwa](https://profiles.wordpress.org/sbvi1122/) 開發 [下載](https://downloads.wordpress.org/plugin/headershield.1.0.14.zip) [即時預覽](https://tw.wordpress.org/plugins/headershield/?preview=1) * [詳細資料](https://tw.wordpress.org/plugins/headershield/#description) * [使用者評論](https://tw.wordpress.org/plugins/headershield/#reviews) * [安裝方式](https://tw.wordpress.org/plugins/headershield/#installation) * [開發資訊](https://tw.wordpress.org/plugins/headershield/#developers) [技術支援](https://wordpress.org/support/plugin/headershield/) ## 外掛說明 HeaderShield adds a conservative set of security headers that improve browser protection without breaking most sites. It also provides optional strict cross-origin protections for sites that are ready for them. Default headers include: * X-Frame-Options * X-Content-Type-Options * X-XSS-Protection (legacy) * Referrer-Policy * Permissions-Policy * Content-Security-Policy (upgrade-insecure-requests) * Strict-Transport-Security (HTTPS only) Strict Mode can additionally enable COEP, COOP, and CORP for stronger isolation, but may break third‑party scripts or embeds. Use with care and test on staging first. #### Source code for third-party assets The admin UI uses SlimSelect for the multi-select dropdown. Human-readable source is included in the plugin: * JavaScript: `assets/js/slimselect.js` (minified build: `assets/js/slimselect. min.js`) * CSS: `assets/css/slimselect.css` (minified build: `assets/css/slimselect.min. css`) Upstream project: https://github.com/brianvoe/slim-select (MIT). This plugin does not use a custom build process; the included files are from the published release. ## 安裝方式 1. Upload the `headershield` plugin folder to `/wp-content/plugins/`, or install via** Plugins Add New** and search for HeaderShield. 2. Activate the plugin through the **Plugins** menu in WordPress. 3. Go to **Security Headers** in the admin sidebar to configure settings. #### Optional: use as must-use plugin You can also copy the main plugin file into `/wp-content/mu-plugins/` so it is always active and cannot be disabled from the Plugins screen. ## 常見問題集 ### Will this break my site? The default headers are conservative and should be safe for most sites. Strict Mode may break embeds, analytics, fonts, or CDNs, so test on staging first. ### Does this affect SEO? No. These headers improve browser security and do not affect SEO. ## 使用者評論 這個外掛目前沒有任何使用者評論。 ## 參與者及開發者 以下人員參與了開源軟體〈HeaderShield〉的開發相關工作。 參與者 * [ Vishwa ](https://profiles.wordpress.org/sbvi1122/) * [ vishvega ](https://profiles.wordpress.org/vishvega/) [將〈HeaderShield〉外掛本地化為台灣繁體中文版](https://translate.wordpress.org/projects/wp-plugins/headershield) ### 對開發相關資訊感興趣? 任何人均可[瀏覽程式碼](https://plugins.trac.wordpress.org/browser/headershield/)、 查看 [SVN 存放庫](https://plugins.svn.wordpress.org/headershield/),或透過 [RSS](https://plugins.trac.wordpress.org/log/headershield/?limit=100&mode=stop_on_copy&format=rss) 訂閱[開發記錄](https://plugins.trac.wordpress.org/log/headershield/)。 ## 變更記錄 #### 1.0.14 * Initial public release. ## 中繼資料 * 版本 **1.0.14** * 最後更新 **2 個月前** * 啟用安裝數 **少於 10 次** * WordPress 版本需求 ** 5.0 或更新版本 ** * 已測試相容的 WordPress 版本 **6.9.4** * PHP 版本需求 ** 7.4 或更新版本 ** * 語言 * [English (US)](https://wordpress.org/plugins/headershield/) * 標籤: * [csp](https://tw.wordpress.org/plugins/tags/csp/)[hardening](https://tw.wordpress.org/plugins/tags/hardening/) [headers](https://tw.wordpress.org/plugins/tags/headers/)[hsts](https://tw.wordpress.org/plugins/tags/hsts/) [security](https://tw.wordpress.org/plugins/tags/security/) * [進階檢視](https://tw.wordpress.org/plugins/headershield/advanced/) ## 評分 這個項目尚無任何評論記錄。 [Your review](https://wordpress.org/support/plugin/headershield/reviews/#new-post) [查看全部使用者評論](https://wordpress.org/support/plugin/headershield/reviews/) ## 參與者 * [ Vishwa ](https://profiles.wordpress.org/sbvi1122/) * [ vishvega ](https://profiles.wordpress.org/vishvega/) ## 技術支援 使用者可在技術支援論壇提出意見反應或使用問題。 [檢視技術支援論壇](https://wordpress.org/support/plugin/headershield/) ## 贊助 想要支援這個外掛的發展嗎? [ 贊助這個外掛 ](https://wordpress.org/support/plugin/headershield/)