alinandrei/security_headers

A Statamic addon to manage security headers.

Maintainers

Details

github.com/alinescu16/statamic_security_headers

Source

Issues

Installs: 12

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 3

pkg:composer/alinandrei/security_headers

1.0.5 2025-10-05 18:03 UTC

Requires

proprietary cc1c92f69c6ea5d722ca9ecea2eb024c1b2cf6d1

This package is auto-updated.

Last update: 2025-10-07 15:55:19 UTC

README

Statamic 5.0+ On the Statamic Marketplace

A Statamic addon that allows you to easily manage and deploy crucial security headers for your website, complete with a powerful Content-Security-Policy (CSP) manager and violation reporting.

Features

  • Set Key Security Headers: Easily enable and configure Strict-Transport-Security (HSTS), X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy.
  • Full CSP Management: Define your Content-Security-Policy (CSP) directly from the dashboard.
  • CSP Violation Reporting: Includes a built-in endpoint to capture CSP violations from users' browsers. Supported integrations are currently: Sentry; Comming up: RayGun, c/Side.
  • "Click to Allow" Policies: Add blocked resources to your CSP directly from the statamic dashboard. Carefull! Always review the CSP directives and values before saving your settings.
  • Modern implementation using Contracts, dynamically injected clients for different reporting platforms, Service containers and Middleware implementation for adding the headers to the responses.
  • One Time purchase for a single domain.
  • Live Scoring via MDN Observatory integration