Run a free test of a website’s HTTP headers and learn how it performs from a security perspective!

Checks for the following headers and their values:

  • Access Control Allow Origin
  • Content Security Policy
  • Cross Domain Meta Policy
  • NoSniff
  • Server Information
  • Strict Transport Security
  • UTF-8 Character Encoding
  • X-Frame-Options
  • X-Powered-By
  • X-XSS-Protection →

Join the Conversation

1 Comment

  1. Decided to sort out with my server’s settings. The biggest problem turned out the Content-Security-Policy header — a difficult choice between the security and convenience of using third-party libraries.

Leave a comment

Leave a Reply to scorp13 Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.