Security Audit

Perform a basic security audit on your website and see what kind of vulnerabilities are affecting it.

83/100

Astra Health Score
Your site does not appear to be blacklisted.

Security Audit Results

We detected suboptimal or unsafe practices on your website. Please see the list below for more details.

Request Security Audit
  • X-XSS-Protection header set to 0 (disabled) Header Security High Details
    Description:

    The x-xss-protection header is designed to enable the cross-site scripting (XSS) filter built into modern web browsers. Explicitly setting X-XSS-Protection header to "0" will allow an attacker to perform XSS attack on your users..

    Remediation:

    The recommended configuration is to set this header to the following value, which will enable the XSS protection and instruct the browser to block the response in the event that a malicious script has been inserted from user input, instead of sanitizing. x-xss-protection: 1; mode=block.

  • Cookies use SameSite flag, but set to something other than Strict or Lax Cookie Security Medium Details
    Description:

    SameSite attribute present on the Cookies set by your site is invalid. SameSite value must be either unset, Strict, or Lax..

    Remediation:

    Follow this guide to fix this, find the guide here.

  • Content Security Policy (CSP) header not implemented Header Security Low Details
    Description:

    Our scanners were not able to detect Content Security Policy (CSP) header amongst the header returned by your site..

    Remediation:

    Follow this guide to fix this, find the guide here.

Protect your website from internet attacks

Try Astra