jcodigital/jcore-turva

JCORE Turva is a WordPress plugin designed to help you manage security headers for your website.

Maintainers

Package info

git.jcore.fi/jcore-turva.git

Type:wordpress-plugin

pkg:composer/jcodigital/jcore-turva

Statistics

Installs: 0

Dependents: 0

Suggesters: 0

Security

Advisories: 0

Aikido package health analysis

v1.9.4 2026-06-16 13:00 UTC

Requires

GPL-2.0-only 07ea2a7a8120ec772786e444cad71033b80c94fb

  • JCo Digital <support.woop@jco.fi>

This package is auto-updated.

Last update: 2026-06-16 13:03:27 UTC

README

JCORE Turva is a WordPress plugin designed to help you manage security headers for your website. It provides a user-friendly interface for configuring Content Security Policy (CSP) and Permissions Policy, along with a built-in violation reporting system to help you monitor and refine your security settings.

Features

  • Content Security Policy (CSP) Management: Easily define directives for your CSP to protect your site from XSS and other injection attacks.
  • Permissions Policy: Control which browser features and APIs can be used on your site.
  • Violation Reporting: Capture and view security policy violations directly within your WordPress admin dashboard.
  • Regional Google Domains: Automatically expand Google domains to their regional TLDs for broader compatibility.
  • Automatic Updates: Integrated with the J&Co Digital update system.
  • React-based UI: A modern, responsive settings interface built with React.

Requirements

  • WordPress: 6.7 or higher
  • PHP: 8.2 or higher

Installation

  1. Upload the jcore-turva folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the 'Plugins' menu in WordPress.
  3. Navigate to Settings > JCORE Turva to configure your security headers.

Development

To set up the development environment, you will need pnpm and composer installed.

Makefile Commands

A Makefile is provided for convenience:

  • make install: Install both JavaScript and PHP dependencies.
  • make build: Run the build process.
  • make start: Start the WordPress environment.
  • make stop: Stop the WordPress environment.
  • make release: Create a zip file for release in the release/ directory.
  • make clean: Remove all build and dependency directories.

Build Scripts

  • pnpm install: Install JavaScript dependencies.
  • composer install: Install PHP dependencies.
  • pnpm build: Build the production assets.
  • pnpm start: Start the development server with live reloading.
  • pnpm format: Format the code according to WordPress standards.
  • pnpm lint:js: Lint the JavaScript files.
  • pnpm lint:css: Lint the SCSS files.

WordPress Environment

You can use the provided @wordpress/env configuration to quickly spin up a local WordPress environment:

pnpm env:start

To stop the environment:

pnpm env:stop

License

This project is licensed under the GPL-2.0-or-later License. See the LICENSE file for details.

Author

Created by J&Co Digital.