Security Testing

Connection Security

HTTPS Status

Current connection: Secure (HTTPS)

Security Headers Analysis

Strict-Transport-Security

Forces HTTPS connections

Status: Not Set

Recommended: max-age=31536000; includeSubDomains; preload

X-Frame-Options

Prevents clickjacking attacks

Status: Not Set

Recommended: SAMEORIGIN or DENY

X-Content-Type-Options

Prevents MIME type sniffing

Status: Not Set

Recommended: nosniff

X-XSS-Protection

XSS filter in older browsers

Status: Not Set

Recommended: 1; mode=block

Content-Security-Policy

Controls resource loading

Status: Not Set

Recommended: Defined based on your needs

Referrer-Policy

Controls referrer information

Status: Not Set

Recommended: strict-origin-when-cross-origin

Permissions-Policy

Controls browser features

Status: Not Set

Recommended: Restrictive policy

Server Configuration Security

PHP Version

Current Version: 8.4.12

Server Information Disclosure

Server header exposure is controlled

Current: nginx/1.23.2

Security Test Results Summary

22%

Security Score: 2 / 9 checks passed

Recommendations