Security Headers Checker
Comprehensive security headers analysis with detailed grading. Check X-Frame-Options, Content-Security-Policy, HSTS, and more for optimal website security.
Scan Your Site
Analyze HTTP security headers and get a security grade for your website
About Security Headers
Security headers are HTTP response headers that tell browsers how to behave when handling your site’s content. Properly configured security headers can help protect against common web vulnerabilities like XSS, clickjacking, and protocol downgrade attacks.
Key Security Headers
- Content-Security-Policy (CSP): Controls which resources the browser is allowed to load
- Strict-Transport-Security (HSTS): Forces browsers to use HTTPS connections only
- X-Frame-Options: Prevents clickjacking by controlling iframe embedding
- X-Content-Type-Options: Prevents MIME-sniffing attacks
- Referrer-Policy: Controls how much referrer information should be included
- Permissions-Policy: Controls which browser features and APIs can be used
How to Use This Tool
- Enter your website URL in the input field
- Click "Scan" to analyze the security headers
- Review your security grade and score
- Check which headers are present and properly configured
- Implement the missing headers based on our recommendations
Note: This tool makes real HTTP requests to analyze your website’s headers. The scanning is performed server-side to ensure accurate results.