I have started adding SHA header for the more than 100 scripts and styles on the home page.

May I ask if you could provide a Plesk recommended way to set CSP for a WordPress website, possibly with a nonce generator, and a functions.php planting of nonce addition to all current scripts and styles.