The HTTP Headers plugin can set Feature-Policy to block web browser features (e.g. video autoplay, camera, and microphone) for improved WordPress security. Below we cover how to configure Feature Policy in WordPress.
Get more performance and security features with our NGINX-powered WordPress Hosting.
- Install, and activate, the HTTP Headers plugin using your WordPress dashboard or WP-CLI.
- Log in to your WordPress dashboard.
- On the left, hover over Settings and click HTTP Headers.
- Click the Security (0/15) button.
- Click Edit beside Feature-Policy.
- Click On.
- Check the box for each feature you’ll include in the policy, the access list, and external domains as needed. Access list options:
'self'– allowed only from same domain
origin(s)allowed only from specified domains (separated by a comma)
- Click Save Changes.