Merge pull request #35 from igorhrcek/issue-32

Issue 32
igorhrcek · Mar 21, 2022 · 85c2fdd · 85c2fdd
2 parents 7c0b8e1 + 0f8f6d3
commit 85c2fdd
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 19 deletions.
diff --git a/README.md b/README.md
@@ -22,6 +22,18 @@ Removes all security rules.
 wp secure flush
 ```
 
+### Add Security Headers
+Adds the HSTS, Referrer-Policy, X-Content-Type-Options, X-Frame-Options and X-XSS-Protection
+
+You can choose to add all above or only one or more by using `--headers` argument.
+
+Example:
+```bash
+wp secure add-security-headers
+wp secure add-security-headers --headers=Strict-Transport-Security
+wp secure add-security-headers --headers=Strict-Transport-Security,X-Frame-Options
+```
+
 ### Block the access to sensitive files and directories
 ```bash
 wp secure block-access <what-to-block>

diff --git a/secure-command.php b/secure-command.php
@@ -10,21 +10,4 @@
     require_once __DIR__ . '/vendor/autoload.php';
 }
 
-\WP_CLI::add_command('secure', SecureCommand::class);
-
-//wp secure disable-directory-browsing
-//wp secure block-php-execution-in-uploads
-//wp secure block-php-execution-in-themes
-//wp secure block-php-execution-in-plugins
-//wp secure block-php-execution-in-wp-includes
-//wp secure block-access-to-htaccess
-//wp secure block-access-to-sensitive-files
-//wp secure block-access-to-sensitive-directories
-//wp secure block-author-scanning
-//wp secure block-access-to-xml-rpc
-
-//wp secure add --rules=disable-directory-browsing,block-php-execution-in-uploads --output --path
-//wp secure remove --rules=disable-directory-browsing,block-php-execution-in-uploads
-//wp secure flush
-//wp secure block-access-to-htaccess --revert
-//wp secure block-access-to-htaccess --path=/path/to/htaccess --output
+\WP_CLI::add_command('secure', SecureCommand::class);
diff --git a/src/SecureCommand.php b/src/SecureCommand.php
@@ -306,9 +306,10 @@ public function block_author_scanning($args, $assoc_args) : void {
      *
      * ## EXAMPLES
      *
-     *     $ wp secure add_security_headers
+     *     $ wp secure add-security-headers
      *     Success: Add Security Headers rule has been deployed.
      *
+     * @subcommand add-security-headers
      * @when before_wp_load
      */
     public function add_security_headers($args, $assoc_args) : void {