description SecurityHeaders.com Overview
SecurityHeaders.com is a website analyzer that evaluates web pages’ HTTP response headers. It checks these headers against established security standards like TLS configuration and identifies missing or misconfigured elements. This tool is valuable for developers, security professionals, and anyone seeking to improve the security posture of websites they manage or audit.
help SecurityHeaders.com FAQ
Who created the SecurityHeaders.com website analyzer?
SecurityHeaders.com was created by Scott Helme, a well-known British web security researcher and public speaker. He developed the free tool to easily visualize and grade the implementation of various HTTP security response headers on any public website.
What specific security headers does SecurityHeaders.com check for?
The analyzer scans websites for the presence and correct configuration of modern security headers like Content-Security-Policy (CSP), Strict-Transport-Security (HSTS), and X-Frame-Options. It then grades the site from A+ down to F based on the strength of these configurations.
Is SecurityHeaders.com free to use for scanning my own website?
Yes, SecurityHeaders.com is a completely free tool designed to promote better web security practices across the internet. You can instantly run a scan by simply typing your public URL into the search bar on their homepage.
What does a failing grade on SecurityHeaders.com actually mean for my website?
A low grade, such as an F or D, means your website is missing critical security headers and is more vulnerable to attacks like Clickjacking or Cross-Site Scripting (XSS). Fixing the issue requires updating your web server or CDN configuration to append the missing headers to your HTTP responses.
explore Explore More
Similar to SecurityHeaders.com
See all arrow_forwardReviews & Comments
Write a Review
Be the first to review
Share your thoughts with the community and help others make better decisions.