April 28, 2025, 5:17 am
Expiration: 2025-06-29 (62 days remaining)
Issuer: Let's Encrypt
Authority: E5
Version: TLSv1.3
Cipher: TLS_AES_256_GCM_SHA384
TLS (Transport Layer Security) encrypts data in transit, protecting against eavesdropping and tampering. Strong TLS configurations use up-to-date protocols and ciphers to ensure the highest level of security.
CSP prevents XSS and data injection attacks by specifying allowed content sources, reducing malicious code execution risks. Consider implementing it for enhanced security.
The X-Frame-Options header is missing. This header prevents clickjacking by controlling whether the page can be rendered in frames. Without it, malicious sites could embed your page, potentially tricking users into unwanted actions.
HSTS forces browsers to use HTTPS, preventing downgrade attacks and cookie hijacking.
Mixed content (HTTP resources on HTTPS pages) poses security risks, enabling potential attacks and content injection. Modern browsers may block it, breaking site functionality.
A Web Application Firewall (WAF) helps protect your website from various attacks such as SQL injection, cross-site scripting (XSS), and other common exploits.
Helps prevent XSS attacks in older browsers.
Prevents MIME type sniffing.
Controls the Referer header for outgoing requests.
Controls which browser features and APIs can be used.
Not announcing the version can enhance security, but regular updates are still crucial.
DNSSEC adds a layer of trust to your domain name. It helps prevent DNS spoofing and cache poisoning attacks. Consider enabling it for enhanced security.
DMARC helps prevent email spoofing and protects your domain from unauthorized use in phishing attacks.
DKIM adds a digital signature to emails, verifying that they were sent by an authorized sender and weren't altered in transit.