Title: Fix It Easy Security Headers Author: WP Fix It - WordPress Experts Published: 2025年8月24日 Last modified: 2025年8月24日 --- プラグインを検索 ![](https://ps.w.org/fix-it-easy-security-headers/assets/banner-772x250.png?rev= 3349315) ![](https://ps.w.org/fix-it-easy-security-headers/assets/icon-256x256.gif?rev=3349315) # Fix It Easy Security Headers 作者: [WP Fix It – WordPress Experts](https://profiles.wordpress.org/wpfixit/) [ダウンロード](https://downloads.wordpress.org/plugin/fix-it-easy-security-headers.1.1.zip) * [詳細](https://ja.wordpress.org/plugins/fix-it-easy-security-headers/#description) * [レビュー](https://ja.wordpress.org/plugins/fix-it-easy-security-headers/#reviews) * [インストール](https://ja.wordpress.org/plugins/fix-it-easy-security-headers/#installation) * [開発](https://ja.wordpress.org/plugins/fix-it-easy-security-headers/#developers) [サポート](https://wordpress.org/support/plugin/fix-it-easy-security-headers/) ## 説明 **WP Fix It Easy Security Headers** adds a simple page under **Tools Security Headers** where you can toggle common HTTP security headers: * **Strict-Transport-Security (HSTS)** * **Content-Security-Policy (CSP)** * **X-Frame-Options** * **X-Content-Type-Options** * **Referrer-Policy** * **Permissions-Policy** On activation, all headers are **enabled by default** and you’re redirected to the settings screen. For convenience, the page and the Plugins screen include a **“Check Headers”** button that opens SecurityHeaders.com with your site’s URL prefilled (built dynamically from `home_url()`). ### Notes on CSP This plugin ships with a **permissive** default CSP intended to “work everywhere” out of the box (allows most external sources and inline code). For stronger protection, you should harden the directives for your specific site. ### Key Features * One-click toggles for popular headers * Dynamic “Check Headers” scan link * Uses the WordPress Settings API (nonce + capability checks) * Output escaping and sanitization following PHPCS ## スクリーンショット * [[ * Settings screen with header toggles and “Check Headers” button. ## インストール 1. Upload the plugin folder to `/wp-content/plugins/fix-it-easy-security-headers/` or install via Plugins Add New. 2. Activate the plugin. 3. You’ll be redirected to **Tools Security Headers**. Review and adjust toggles as needed. 4. (Optional) Click **Check Headers** to verify your headers on SecurityHeaders.com. ## FAQ ### Where do I manage the settings? Go to **Tools Security Headers**. ### What happens on activation? All header options are enabled and you’re redirected once to the settings page. ### Will this break my site? Most headers are safe defaults. The provided CSP is intentionally permissive; it shouldn’t block assets. For strict CSPs, tailor directives to your stack and test. ### Can I use this on multisite? Yes. The “Check Headers” URL is derived from `home_url()`. Activation redirect is skipped for network/bulk activations. ### Why don’t I see a “Settings saved” notice twice? The page prints only this plugin’s scoped settings messages to avoid duplicate notices. ### Can I customize the CSP? Yes. You can modify the `$csp` string in `security_headers_add_headers()` to fit your site’s needs. ## 評価 このプラグインにはレビューがありません。 ## 貢献者と開発者 Fix It Easy Security Headers はオープンソースソフトウェアです。以下の人々がこのプラグ インに貢献しています。 貢献者 * [ WP Fix It – WordPress Experts ](https://profiles.wordpress.org/wpfixit/) [“Fix It Easy Security Headers” をあなたの言語に翻訳しましょう。](https://translate.wordpress.org/projects/wp-plugins/fix-it-easy-security-headers) ### 開発に興味がありますか ? [コードを閲覧](https://plugins.trac.wordpress.org/browser/fix-it-easy-security-headers/) するか、[SVN リポジトリ](https://plugins.svn.wordpress.org/fix-it-easy-security-headers/) をチェックするか、[開発ログ](https://plugins.trac.wordpress.org/log/fix-it-easy-security-headers/) を [RSS](https://plugins.trac.wordpress.org/log/fix-it-easy-security-headers/?limit=100&mode=stop_on_copy&format=rss) で購読してみてください。 ## 変更履歴 #### 1.1 * Initial release. * Header toggles for HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer- Policy, Permissions-Policy. * Activation enables all options and redirects to settings. * Dynamic SecurityHeaders.com scan link. ## メタ * バージョン **1.1** * 最終更新日 **9か月前** * 有効インストール数 **10+** * WordPress バージョン ** 5.8またはそれ以降 ** * 検証済み最新バージョン: **6.8.5** * PHP バージョン ** 7.4またはそれ以降 ** * 言語 * [English (US)](https://wordpress.org/plugins/fix-it-easy-security-headers/) * タグ * [csp](https://ja.wordpress.org/plugins/tags/csp/)[headers](https://ja.wordpress.org/plugins/tags/headers/) [hsts](https://ja.wordpress.org/plugins/tags/hsts/)[security](https://ja.wordpress.org/plugins/tags/security/) * [詳細を表示](https://ja.wordpress.org/plugins/fix-it-easy-security-headers/advanced/) ## 評価 レビューはまだ送信されていません。 [Your review](https://wordpress.org/support/plugin/fix-it-easy-security-headers/reviews/#new-post) [すべてのレビューを見る](https://wordpress.org/support/plugin/fix-it-easy-security-headers/reviews/) ## 貢献者 * [ WP Fix It – WordPress Experts ](https://profiles.wordpress.org/wpfixit/) ## サポート 意見や質問がありますか ? [サポートフォーラムを表示](https://wordpress.org/support/plugin/fix-it-easy-security-headers/) ## 寄付 このプラグインが今後も改善できるよう応援しませんか ? [ このプラグインに寄付 ](https://www.wpfixit.com)