WordPress Speed Up Service | WordPress Website Maintenance Packages Reply To: Content Security Policy in WordPress?, by Jan Dembowski after I spent few days to setting up Content Security Policy I ended up with question: Is it worth it? It could be worth it, but it sure is a pain in the euphemism to setup. *Drinks coffee* See https://scotthelme.co.uk/content-security-policy-an-introduction/ for more details. If you have a too permissive CSP then that sort of defeats the purpose. Many people have a FB icon/like button, a Twitter feed in a side bar, a Youtube video etc. on their site. Without a CSP header the browser says “OK” and loads those referenced assets and scripts. It just works. When you add CSP and you miss something then parts of your site stop working in your visitor’s browser. Not good. If you can get all of the references correct and your browser (try with Chrome and Firefox) does not complain about blocked by policy assets then you got it right. Reply To: Content Security Policy in WordPress?