Security Headers Checker
Check if your website has proper security headers configured. Get a grade and actionable recommendations.
What We Check
Strict-Transport-Security
Forces HTTPS connections
Content-Security-Policy
Prevents XSS attacks
X-Frame-Options
Prevents clickjacking
X-Content-Type-Options
Prevents MIME sniffing
Referrer-Policy
Controls referrer information
Permissions-Policy
Controls browser features
X-XSS-Protection
Legacy XSS filter (deprecated)