PHPackages                             signify-nz/silverstripe-security-headers - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [PDF &amp; Document Generation](/categories/documents)
4. /
5. signify-nz/silverstripe-security-headers

ActiveSilverstripe-vendormodule[PDF &amp; Document Generation](/categories/documents)

signify-nz/silverstripe-security-headers
========================================

Adds configurable security headers to HTTP responses via middleware.

2.1.5(1y ago)411.0k↑292.9%5[1 issues](https://github.com/signify-nz/silverstripe-security-headers/issues)[1 PRs](https://github.com/signify-nz/silverstripe-security-headers/pulls)BSD-3-ClausePHP

Since Dec 1Pushed 3w ago10 watchersCompare

[ Source](https://github.com/signify-nz/silverstripe-security-headers)[ Packagist](https://packagist.org/packages/signify-nz/silverstripe-security-headers)[ Docs](https://github.com/signify-nz/silverstripe-security-headers)[ RSS](/packages/signify-nz-silverstripe-security-headers/feed)WikiDiscussions 2.x Synced today

READMEChangelog (10)Dependencies (7)Versions (27)Used By (0)

[![Build Status](https://camo.githubusercontent.com/c15fadef580bf9196b4a55d03c637aefe5943f8e39b82b2f2edb2ec6f1f887d8/68747470733a2f2f7472617669732d63692e636f6d2f7369676e6966792d6e7a2f73696c7665727374726970652d73656375726974792d686561646572732e7376673f6272616e63683d6d6173746572)](https://travis-ci.com/signify-nz/silverstripe-security-headers)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/222850847f14068ae43efe3e88f78e21909ff9fcf322b645caad12ecd4821107/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f7369676e6966792d6e7a2f73696c7665727374726970652d73656375726974792d686561646572732f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/signify-nz/silverstripe-security-headers/?branch=master)

SilverStripe security headers
=============================

[](#silverstripe-security-headers)

Inspired by [Guttmann/silverstripe-security-headers](https://github.com/guttmann/silverstripe-security-headers).

SilverStripe module for easily adding a selection of [useful HTTP headers](https://wiki.owasp.org/index.php/OWASP_Secure_Headers_Project#tab=Headers).

Additionally provides a report of Content Security Policy violations.

Comes with a default set of headers configured, but can be used to add any headers you wish (as well as overriding or removing the default headers).

Install
-------

[](#install)

For SilverStripe 3, see the [appropriate branch](https://github.com/signify-nz/silverstripe-security-headers/tree/1)

Install via [composer](https://getcomposer.org):

```
composer require signify-nz/silverstripe-security-headers
```

Usage
-----

[](#usage)

For information on how to setup and use this module, please refer to the [documentation](docs/en/00_index.md).

Contributing
------------

[](#contributing)

If you would like to contribute either via code fixes, enhancements, or localisations, please see [the contributing guidelines](CONTRIBUTING.md).

CSS/JS Development
------------------

[](#cssjs-development)

### Setup

[](#setup)

For development you will need Node.js and yarn installed.

Next, you need to install the required npm packages.

```
yarn install
```

### Compiling assets

[](#compiling-assets)

You can compile assets using `yarn watch`.

Produce minified (production) files using `yarn package`.

### Linting

[](#linting)

Check over your JavaScript and SASS source code individually:

```
yarn lint-js
yarn lint-sass
```

You can also lint both in a single command:

```
yarn lint
```

###  Health Score

47

—

FairBetter than 93% of packages

Maintenance62

Regular maintenance activity

Popularity30

Limited adoption so far

Community19

Small or concentrated contributor base

Maturity64

Established project with proven stability

 Bus Factor1

Top contributor holds 75.3% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~101 days

Recently: every ~266 days

Total

21

Last Release

24d ago

Major Versions

1.0.0 → 2.0.12021-03-12

1.0.1 → 2.0.52022-02-22

2.x-dev → 3.0.0-alpha2026-06-04

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/5234013?v=4)[Signify Limited](/maintainers/signify-nz)[@signify-nz](https://github.com/signify-nz)

---

Top Contributors

[![GuySartorelli](https://avatars.githubusercontent.com/u/36352093?v=4)](https://github.com/GuySartorelli "GuySartorelli (189 commits)")[![sig-michelle](https://avatars.githubusercontent.com/u/57238437?v=4)](https://github.com/sig-michelle "sig-michelle (29 commits)")[![sig-steve](https://avatars.githubusercontent.com/u/5545293?v=4)](https://github.com/sig-steve "sig-steve (22 commits)")[![axllent](https://avatars.githubusercontent.com/u/1463435?v=4)](https://github.com/axllent "axllent (4 commits)")[![sig-peggy](https://avatars.githubusercontent.com/u/82991689?v=4)](https://github.com/sig-peggy "sig-peggy (3 commits)")[![sig-owalker](https://avatars.githubusercontent.com/u/69183159?v=4)](https://github.com/sig-owalker "sig-owalker (2 commits)")[![tomstgeorge](https://avatars.githubusercontent.com/u/2531109?v=4)](https://github.com/tomstgeorge "tomstgeorge (2 commits)")

---

Tags

securitysilverstripeheadersreportcsp

###  Code Quality

TestsPHPUnit

Code StylePHP\_CodeSniffer

### Embed Badge

![Health badge](/badges/signify-nz-silverstripe-security-headers/health.svg)

```
[![Health](https://phpackages.com/badges/signify-nz-silverstripe-security-headers/health.svg)](https://phpackages.com/packages/signify-nz-silverstripe-security-headers)
```

###  Alternatives

[silverstripe/userforms

UserForms enables CMS users to create dynamic forms via a drag and drop interface and without getting involved in any PHP code

1371.1M85](/packages/silverstripe-userforms)[silverstripe/securityreport

Generates a security and access report for CMS users

11297.1k5](/packages/silverstripe-securityreport)[symbiote/silverstripe-advancedworkflow

Adds configurable workflow support to the CMS, with a GUI for creating custom workflow definitions.

46302.4k9](/packages/symbiote-silverstripe-advancedworkflow)[silverstripe/gridfieldqueuedexport

Export large data sets from your GridField in the SilverStripe CMS interface through async jobs

10219.2k7](/packages/silverstripe-gridfieldqueuedexport)[silverstripe/staticpublishqueue

Static publishing queue to create static versions of pages for enhanced performance and security

44140.1k6](/packages/silverstripe-staticpublishqueue)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
