Security Report

The Security Report section provides a detailed audit of the security HTTP headers that web servers/applications can set when returning data to web clients. They are used to communicate security policy settings for a web browser that is interacting with the web site. Security headers can help prevent or mitigate common web attacks such as cross-site scripting (XSS), clickjacking, Content Injection, etc. by instructing the browser how to handle certain resources or behaviors. Security headers can also enhance the privacy and integrity of the web communication by enforcing encryption, authentication, and origin verification.

By auditing security headers of a response, we can check if they are properly configured and implemented according to best practices and standards. Auditing security headers of response can also help to identify potential vulnerabilities or misconfigurations that could expose a web site or application to malicious actors.

Analytics Results

The Analytics Results section lists problems with your security headers that were found during the security audit and instructs you how to resolve them. These issues are categorized by severity so you can understand the risk that they pose to your website or application. It will also check if an SSL certificate is used and if it is up to date. Including an SSL certificate is a vital security measure which is necessary to secure communication between the browser and your servers.