Content Security Policy nonce in WordPresss possible?

[ad_1]

I self-host a WordPress blog and my recent goal has been to ensure it's as secure as possible. One issue I've encountered is that many of my plugins only work if I include the unsafe-inline directive in the script-src section of my CSP in NGINX. As soon as I remove the unsafe-inline directive—following the recommendations from various security guides—everything breaks.

Some research suggests using a nonce in the code, but since the problematic code is part of plugins, I'm unsure how to address this issue.

How should I handle this situation? Is it feasible to use a nonce as recommended in WordPress?

[ad_2]

 

This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer