Description: Defines allowed image sources for CSP (Pro).
How it works: builder_img_src and builder_img_mode define allowed origins for images; helps prevent data exfil via image beacons.
How to access / configure:
- WP Admin → AegisShield → Security Headers → CSP Builder.
- Open Image settings.
- Add required domains and Save Changes.
Recommended setting: Allow ‘self’ and your media/CDN domains; avoid allowing all.