RapidSec – CSP and Security Headers


This plugin helps you protect your WordPress site and admin panel from various client-side cyber attacks, such as XSS, formjacking and Magecart.
It links with the Rapidsec service to automatically generate your Content-Security-Policy (CSP) and security headers, and monitor for attacks in realtime.

Installation and Setting Up RapidSec

  1. Download the Latest RapidSec plugin and install it on your site, by uploading to the /wp-content/plugins/ directory (or via the zip).

  2. Activate the plugin through the ‘Plugins’ menu in WordPress

  3. In order to integrate the plugin – you will need two RapidSec tokens.
    One for your wp-admin/ panel, and one for the user-facing site. Open account at Rapidsec and create two projects.

  4. Copy your project API keys from the “Microagent (Automatic)” section – under WordPress and add them to the plugin settings.

  5. Save!

  6. RapidSec will ask you which assets to approve being loaded on your site.


This WordPress plugin does not collect or track additional data or usage information. For full term of use on the Rapidsec product as well as privacy policy, please see https://rapidsec.com/customer-terms , https://rapidsec.com/privacy




12 Aprily 2021
It's so much easier to build a CSP with your service. I find it very useful, well done!
Read all 1 review

Contributors & Developers

“RapidSec – CSP and Security Headers” is open source software. The following people have contributed to this plugin.



1.0 Fully working version