HTTP Header Checker
Analyze security headers, get a grade, and fix recommendations.
Security Grade
Recommendations
| Header / Check | Status | Value | Score |
|---|
Raw Response Headers
Notes
- The header checker analyzes 13 security headers and cookie flags.
- Results are cached for 1 hour per URL.
- Grades are based on the presence and quality of each header.
- All checks are performed server‑side without storing any data.
FAQ
HSTS forces browsers to use HTTPS only, preventing downgrade attacks.
Content‑Security‑Policy prevents XSS and data injection attacks.
These headers control cross‑origin isolation, protecting against side‑channel attacks.
The tool provides specific recommendations for each missing header. You can add them via your server configuration or .htaccess.