Headers Security Advanced & HSTS WP
by Andrea Ferro 4.9 (78 reviews)

Headers Security Advanced & HSTS WP

Best all-in-one WordPress security plugin, uses HTTP & HSTS response headers to avoid vulnerabilities: XSS, injection, clickjacking. Force HTTP/HTTPS.

Compatible with WP 7.0.1
v5.3.3 Current Version v5.3.3
Updated 1 week ago Last Update on 07 Jul, 2026
Refreshed 10 hours ago Last Refreshed on
View on WordPress.org
Rank
#475
No change
Active Installs
90K+
No change
KW Avg Position
3
No change
Downloads
1.5M
+927 today
Support Resolved
0%
No change
Rating
98%
Review 4.9 out of 5
4.9 (78 reviews)

Next Milestone 100K

Total Progress 83.8%
90K+ 100K+
6
Ranks to Climb
-
Growth Needed
8,000,000
Active Installs
Pro

Unlock Exact Install Count

See the precise estimated active installs for this plugin, calculated from real-time ranking data.

  • Exact install estimates within tiers
  • Track install growth over time
  • Milestone progress predictions
Upgrade to Pro
Need 1,622 more installs to reach 100K+

Rank Changes

451 463 475 487 499 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026
451 464 477 489 502 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026
451 464 477 489 502 17-06-2026 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026
470 478 485 493 500 18-04-2026 19-04-2026 20-04-2026 21-04-2026 22-04-2026 23-04-2026 24-04-2026 25-04-2026 26-04-2026 27-04-2026 28-04-2026 29-04-2026 30-04-2026 01-05-2026 02-05-2026 03-05-2026 04-05-2026 05-05-2026 06-05-2026 07-05-2026 08-05-2026 09-05-2026 10-05-2026 11-05-2026 12-05-2026 13-05-2026 14-05-2026 15-05-2026 16-05-2026 17-05-2026 18-05-2026 19-05-2026 20-05-2026 21-05-2026 22-05-2026 23-05-2026 24-05-2026 25-05-2026 26-05-2026 27-05-2026 28-05-2026 29-05-2026 30-05-2026 31-05-2026 01-06-2026 02-06-2026 03-06-2026 04-06-2026 05-06-2026 06-06-2026 07-06-2026 08-06-2026 09-06-2026 10-06-2026 11-06-2026 12-06-2026 13-06-2026 14-06-2026 15-06-2026 16-06-2026 17-06-2026 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026
Current #475
Change
Best #

Upgrade to Pro

Unlock 30-day and 90-day rank history charts with a Pro subscription.

Upgrade Now

Active Installs Growth

Active Installs 0,000,000+
Growth +0.0%
Peak 0,000,000

Downloads Growth

0 1K 2K 3K 4K 5K 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026
0 5K 10K 15K 20K 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026
0 5K 10K 15K 20K 17-06-2026 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026
0 5K 10K 15K 20K 18-04-2026 21-04-2026 24-04-2026 27-04-2026 30-04-2026 03-05-2026 06-05-2026 09-05-2026 12-05-2026 15-05-2026 18-05-2026 21-05-2026 24-05-2026 27-05-2026 30-05-2026 02-06-2026 05-06-2026 08-06-2026 11-06-2026 14-06-2026 17-06-2026 20-06-2026 23-06-2026 26-06-2026 29-06-2026 02-07-2026 05-07-2026 08-07-2026 11-07-2026 14-07-2026 17-07-2026
0 5K 10K 15K 20K 25K 30K 35K 17-07-2025 29-07-2025 10-08-2025 22-08-2025 03-09-2025 15-09-2025 27-09-2025 09-10-2025 21-10-2025 02-11-2025 14-11-2025 26-11-2025 08-12-2025 20-12-2025 01-01-2026 13-01-2026 25-01-2026 06-02-2026 18-02-2026 02-03-2026 14-03-2026 26-03-2026 07-04-2026 19-04-2026 01-05-2026 13-05-2026 25-05-2026 06-06-2026 18-06-2026 30-06-2026 12-07-2026 17-07-2026
Downloads
Growth
Peak

Upgrade to Pro

Unlock 30-day, 90-day, and yearly download history charts with a Pro subscription.

Upgrade Now

Reviews & Ratings

4.9
78 reviews
Overall 98%
5
72 (92%)
4
3 (4%)
3
1 (1%)
2
2 (3%)
1
0 (0%)

Tracked Keywords

Showing 5 of 5
Keyword Position Change Type Updated
hsts 1 Tag 1 day ago
csp 1 Tag 1 day ago
clickjacking 3 Tag 1 day ago
headers 5 Tag 1 day ago
headers security 5 Tag 1 day ago

Unlock Keyword Analytics

Track keyword rankings, search positions, and discover new ranking opportunities with a Pro subscription.

  • Full keyword position tracking
  • Historical ranking data
  • Competitor keyword analysis
Upgrade to Pro

Support Threads Overview

Resolved
Unresolved
3
Total Threads
0
Resolved
3
Unresolved
0%
Resolution Rate

Track This Plugin

Get detailed analytics, keyword tracking, and position alerts delivered to your inbox.

Start Tracking Free

Plugin Details

Version
5.3.3
Last Updated
Jul 07, 2026
Requires WP
4.7+
Tested Up To
7.0.1
PHP Version
7.4 or higher
Author
Andrea Ferro

Support & Rating

Rating
★ ★ ★ ★ ★ 4.9
Reviews
78
Support Threads
3
Resolved
0%

Keywords

Upgrade to Pro

Unlock keyword rankings, search positions, and detailed analytics with a Pro subscription.

Upgrade Now

Frequently Asked Questions

Common questions about Headers Security Advanced & HSTS WP

No. Headers add less than 1KB to each response. The plugin uses WordPress native hooks and Apache .htaccess. Zero database queries at page load for visitors.
Yes. The PHP method (wp_headers filter) works on any server. The .htaccess method is Apache-only, but the plugin automatically uses the PHP method on other servers.
Yes. Compatible with WP Super Cache, W3 Total Cache, LiteSpeed Cache, WP Rocket, and others.
Yes. Cloudflare passes through headers set by WordPress. If you also set headers in Cloudflare dashboard, use the "Resolve duplicate headers" option in Settings to avoid duplicates.
Your site needs all 6 scored headers present: Content-Security-Policy, Strict-Transport-Security, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy. The plugin configures all of these automatically.
Rarely. If another plugin sets the same headers, you may get duplicates. Use the "Resolve duplicate headers" checkboxes in Settings to fix this.
HTTP Strict Transport Security tells browsers to always use HTTPS. Even if someone types http://, the browser upgrades to https:// automatically. Prevents protocol downgrade attacks.
Minimum for preload: 31536000 (1 year). Recommended: 63072000 (2 years). Start with 86400 (1 day) to test, then increase.
Only if your entire domain (including all subdomains) works over HTTPS. Preload is hardcoded in browsers and difficult to undo. Removal takes months. Test thoroughly first.
CSP tells browsers which resources can load on your page. Anything not explicitly allowed is blocked. It is the strongest protection against XSS attacks.

Sign In / Register

You need to sign in or register to use this feature.