HTTP Security Header Checker
Instantly check which HTTP security headers your site uses. Detects missing CSP, HSTS, X-Frame-Options, and information leaks.
About HTTP Security Headers
HTTP security headers are your first line of defense against common web attacks. They tell the browser how to behave when handling your content. Missing headers can expose your users to XSS, clickjacking, MIME sniffing, and information disclosure.
Learn more in our complete guide to HTTP security headers.
Need the full picture?
Run a complete security audit with 150+ checks, OWASP Top 10, and CVE lookup.
Run Full Scan