Back to tools

HTTP Headers Auditor

Critical security headers

HTTP security headers help protect your website against common attacks:

  • Strict-Transport-Security (HSTS): Forces HTTPS usage
  • Content-Security-Policy (CSP): Prevents XSS and content injection
  • X-Content-Type-Options: Prevents MIME sniffing
  • Referrer-Policy: Controls referrer information
  • X-Frame-Options: Prevents clickjacking