Security Headers Analyzer

Enter URL to Analyze

Security Score

Header Analysis

Recommendations

About Security Headers

Critical Headers

• Strict-Transport-Security (HSTS): Forces HTTPS connections
• Content-Security-Policy (CSP): Prevents XSS and injection attacks
• X-Frame-Options: Protects against clickjacking
• X-Content-Type-Options: Prevents MIME-type sniffing

Recommended Headers

• Referrer-Policy: Controls referrer information
• Permissions-Policy: Controls browser features
• Cross-Origin headers: Isolates browsing contexts