Security Audit

Perform a basic security audit on your website and see what kind of vulnerabilities are affecting it.

94/100

Astra Health Score
Your site does not appear to be blacklisted.

Security Audit Results

We detected suboptimal or unsafe practices on your website. Please see the list below for more details.

  • Content Security Policy (CSP) header not implemented | Header Security | Low
    Description:

    Our scanners were not able to detect a Content Security Policy (CSP) header among the headers returned by your site.

    Remediation:

    Follow this guide to fix this; find the guide here.

  • Cookies set without using the Secure flag, but transmission over HTTP prevented by HSTS | Cookie Security | Low
    Description:

    Cookies are often used in applications to identify and authenticate a user, so stealing a cookie can lead to hijacking of the authenticated user's session. Cookies on your site are set without the Secure flag, but transmission over HTTP is prevented because HSTS is enabled on your site. The current implementation is not vulnerable, but you should consider using the Secure flag on cookies whenever possible.

    Remediation:

    Follow this guide to fix this; find the guide here.

  • Initial redirection from HTTP to HTTPS is to a different host, preventing HSTS | HTTPS Security | Low
    Description:

    Your website initially redirects from a non-canonical HTTP URL to the canonical HTTPS URL. As HSTS only applies to the host that sends it, the policy will only apply to the canonical HTTPS URL. It is recommended to first redirect the non-canonical HTTP URL to the non-canonical HTTPS URL (same domain) and then redirect to the canonical HTTPS URL.

    Remediation:

    Follow this guide to fix this; find the guide here.
