PHPackages pionect/laravel-security-headers - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. pionect/laravel-security-headers ActiveLibrary[Security](/categories/security) pionect/laravel-security-headers ================================ Adds security headers to Laravel responses. 07.8kPHP Since Oct 11Pushed 1y agoCompare [ Source](https://github.com/Pionect/laravel-security-headers)[ Packagist](https://packagist.org/packages/pionect/laravel-security-headers)[ RSS](/packages/pionect-laravel-security-headers/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) Laravel Security Headers ======================== [](#laravel-security-headers) This is a [Laravel](http://laravel.com/) service provider for adding security header responses to your application. Installation ------------ [](#installation) The SecurityHeaders Service Provider can be installed via [Composer](http://getcomposer.org) by requiring the `therobfonz/laravel-security-headers` package in your project's `composer.json`. ``` { "require": { "therobfonz/laravel-security-headers": "^3.0" } } ``` Packages are auto-discovered in Laravel 5.6+. Service Providers and Facades are defined in **composer.json**. Config File ----------- [](#config-file) Publish the confirguration file using Artisan. ``` php artisan vendor:publish --provider="TheRobFonz\SecurityHeaders\Providers\SecurityHeadersServiceProvider" ``` Update your settings in the generated `config/security.php` configuration file. Configuration ------------- [](#configuration) Add the middleware to the 'web' middleware group in `App\Http\Kernel.php` ``` protected $middlewareGroups = [ 'web' => [ //... \TheRobFonz\SecurityHeaders\Middleware\RespondWithSecurityHeaders::class, ``` ### Nonces [](#nonces) Every inline script tag needs to include the `@nonce` blade directive in the opening tag. ``` ``` Links ----- [](#links) - [Laravel website](http://laravel.com/) ### Health Score 27 — LowBetter than 49% of packages Maintenance35 Infrequent updates — may be unmaintained Popularity21 Limited adoption so far Community9 Small or concentrated contributor base Maturity36 Early-stage or recently created project Bus Factor1 Top contributor holds 55% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/7192027195c12e276d8f8cefb96bb1f78e25717b53c4f2fbd6f3cbdbdb0d7a3b?d=identicon)[pionect](/maintainers/pionect) --- Top Contributors [![therobfonz](https://avatars.githubusercontent.com/u/35386780?v=4)](https://github.com/therobfonz "therobfonz (11 commits)")[![pionect-vincent](https://avatars.githubusercontent.com/u/191889999?v=4)](https://github.com/pionect-vincent "pionect-vincent (7 commits)")[![dducro](https://avatars.githubusercontent.com/u/2156884?v=4)](https://github.com/dducro "dducro (2 commits)") ### Embed Badge ![Health badge](/badges/pionect-laravel-security-headers/health.svg) ``` [![Health](https://phpackages.com/badges/pionect-laravel-security-headers/health.svg)](https://phpackages.com/packages/pionect-laravel-security-headers) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)