Critical
25/100
Content-Security-Policy
Controls which resources can be loaded, preventing XSS attacks.
HTTP Security Headers
A complete reference to the security headers that protect your website. Click any header to learn how to configure it.
Medium
15/100
Permissions-Policy
Controls access to browser features like camera and microphone.
Medium
10/100
Referrer-Policy
Controls referrer information sent with requests.
Critical
20/100
Strict-Transport-Security
Forces HTTPS connections, preventing protocol downgrade attacks.
High
10/100
X-Content-Type-Options
Prevents MIME type sniffing.
High
10/100
X-Frame-Options
Protects against clickjacking attacks.