helsingborg-stad / wpmu-security
A WordPress MU Plugin for security enhancements
Installs: 5
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
Type:wordpress-muplugin
Requires
Requires (Dev)
- brain/monkey: ^2.6
- codedungeon/phpunit-result-printer: ^0.31.0
- php-stubs/wordpress-stubs: ^6.8
- phpunit/phpunit: ^9.5
README
A lightweight WordPress plugin focused on modern security hardening best practices without unnecessary bloat.
🚀 Features
- ✅ Generic login error messages (prevent user enumeration)
- ✅ Generic password reset responses
- ✅ HTTP Strict Transport Security (HSTS)
- ✅ CORS configuration
- ✅ Subresource Integrity (SRI) for scripts and styles
- ✅ XML-RPC disabling
- ✅ Comment sanitization (anti-XSS)
- ✅ Content Security Policy (CSP)
⚙️ Configuration
You cannot configure this plugin in any way. Just automagic security features.