Save over 40% when you secure your tickets today to TNW Conference 💥 Prices will increase on November 22 →

This article was published on December 10, 2015

This tool helps you check if you’re using the right security headers in your Website


This tool helps you check if you’re using the right security headers in your Website Image by: Shutterstock

Building secure Web apps isn’t exactly easy, but there are a number of small tweaks you can implement using HTTP security headers to help protect yourself against attacks.

With relatively simple configuration changes, modern headers like CONTENT-SECURITY-POLICY and X-FRAME-OPTIONS allow you to protect your site against cross-site-scripting attacks or clickjacking with a small change.

Unfortunately, most people don’t know about security headers or how easy they are to implement. A new Web app, securityheaders.io, gives you actionable fixes for your Web app by simply typing in a domain name.

Screen Shot 2015-12-10 at 1.11.50 PM

What’s most fascinating is the distribution of sites across the test so far. Only 1,407 sites achieved an A+ score, with more than 2,900 getting a fail.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

If you get an ‘F’ for your score — which is the lowest rating possible — it might be time to take a look at your security strategy.

With all the recent coverage of massive cybersecurity breaches, sometimes down to incredibly trivial attacks, it’s worth trying this free tool on your own Web app to see how you’re doing and what you can do about the problems.

securityheaders.io

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with


Published
Back to top