Secure Headers Test

Check if your site has secure headers to restrict
browsers running from avoidable vulnerabilities

Checking for secure headers...

Header Value

Header

Value

About HTTP Security Headers

Mitigate the security vulnerabilities by implementing necessary secure HTTP response headers in the web server, network device, etc.

Currently, it checks the following OWASP recommended headers.

  • HTTP Strict Transport Security
  • Public Key Pinning Extension for HTTP
  • X-Frame-Options
  • X-XSS-Protection
  • X-Content-Type-Options
  • Content-Security-Policy
  • X-Permitted-Cross-Domain-Policies
  • Referrer-Policy
  • Expect-CT
  • Feature-Policy

Wondering how to implement them?

You may refer HTTP header implementation guide to configure them in Nginx, Apache, IIS, CDN, etc.

Hand-picked best resources to supercharge
your Website and Business

Explore Collections

More tools for your Website

Ping Test

Check if your site or IP can respond to ping globally

Test Now

Traceroute Test

Traceroute your IP or site to find network related issue

Test Now

TLS 1.3 Test

Test supported TLS version on the site

Test Now

TLS Scanner

Check the supported protocol, server preferences, certificate details, common vulnerabilities and more

Test Now

DNSSEC Test

Check if DNS Security Extensions is enabled on your domain

Test Now

TCP Port Scanner

Quickly find out what ports are open on public Internet-facing IP or website

Test Now

Latest Articles