Internet Toolset logo Internet Toolset 629+ Tools

Security Headers Checker

Analyze HTTP security headers for any website and review the browser hardening baseline that your responses actually send.

https://

How to use the score

Treat the score as a baseline coverage signal, not as complete proof that your header values are correct. A present but weak header can still need remediation.

  • Missing HSTS, CSP, or Referrer-Policy usually deserve immediate review.
  • Use the checker after CDN, proxy, or application-server changes.
  • Review the value itself, not just whether the header exists.

Why header reviews matter

Security headers influence transport safety, framing behavior, content execution, and browser feature access. Small configuration gaps can widen attack surface without obvious product breakage.

  • HSTS protects against downgrade and cookie interception risks.
  • CSP and X-Frame-Options reduce common browser-side abuse paths.
  • Referrer and Permissions policies shape privacy and feature exposure.

Header checklist

Grading scale

  • A - All essential headers present
  • B - Most headers configured
  • C - Some headers missing
  • D/F - Critical headers missing

Related security tools

← Security Audit Checklist More Security Security Posture Workflow →
API Key Rotation Planner Security
Csp Generator Security
Csp Report Triage Mapper Security
CSP vs SRI vs Security Headers Security
CSRF Token Policy Checker Security
Hash Generator Security
Browse Tools

Tool Navigation

629+ tools across 43 categories