Register Login

Domain Security Compliance Scanner

https://

Scan Results for gurubase.io

November 22, 2024, 11:58 am

Understanding Our Security Checks

SSL:

Valid SSL

Expiration: 2025-01-18 (56 days remaining)

Issuer: Google Trust Services

Authority: WE1

Download Certificate

TLS Configuration:

Strength: Strong

Version: TLSv1.3

Cipher: TLS_AES_256_GCM_SHA384

TLS (Transport Layer Security) encrypts data in transit, protecting against eavesdropping and tampering. Strong TLS configurations use up-to-date protocols and ciphers to ensure the highest level of security.

Content Security Policy (CSP):

Not implemented

CSP prevents XSS and data injection attacks by specifying allowed content sources, reducing malicious code execution risks. Consider implementing it for enhanced security.

X-Frame-Options:

Not protected against clickjacking

X-Frame-Options header is missing. This header prevents clickjacking by controlling page rendering in frames. Without it, malicious sites could embed your page, potentially tricking users into unwanted actions.

HTTP Strict Transport Security (HSTS):

Not implemented

HSTS forces browsers to use HTTPS, preventing downgrade attacks and cookie hijacking.

Cookie Security:

All cookies are secure

Mixed Content:

No mixed content detected

Mixed content (HTTP resources on HTTPS pages) poses security risks, enabling potential attacks and content injection. Modern browsers may block it, breaking site functionality.

Web Application Firewall (WAF):

WAF detected: Cloudflare

A WAF provides an additional layer of security for your website. Ensure it's properly configured and regularly updated for optimal protection.

HTTP Security Headers:

Security Headers Score: 0/100
X-XSS-Protection

Helps prevent XSS attacks in older browsers.

X-Content-Type-Options

Prevents MIME type sniffing.

Referrer-Policy

Controls the Referer header for outgoing requests.

Permissions-Policy

Controls which browser features and APIs can be used.

Server Version:

cloudflare

In theory you want to hide your software or version but not all announcements are bad.

DNSSEC:

DNSSEC not enabled

DNSSEC adds a layer of trust to your domain name. It helps prevent DNS spoofing and cache poisoning attacks. Consider enabling it for enhanced security.

Nameservers:

  • kenneth.ns.cloudflare.com (108.162.195.41)
  • karsyn.ns.cloudflare.com (172.64.34.194)

DMARC:

No DMARC record

DMARC helps prevent email spoofing and protects your domain from unauthorized use in phishing attacks.

DKIM:

No DKIM record found

DKIM adds a digital signature to emails, verifying that they were sent by an authorized sender and weren't altered in transit.


Help