Free Security Headers Checker
Check HSTS, CSP, X-Frame-Options, and all critical security headers with detailed recommendations.
β No signup required β Instant results β 100% free
Why Security Headers Matter
π‘οΈ HSTS
Forces browsers to use HTTPS connections, preventing downgrade attacks.
π CSP
Controls resource loading to prevent XSS and data injection attacks.
πΌοΈ X-Frame-Options
Protects against clickjacking by controlling iframe embedding.
π X-Content-Type-Options
Prevents MIME-type sniffing to reduce XSS risks.
π Referrer-Policy
Controls how much referrer information is shared with requests.
π― Permissions-Policy
Controls which browser features and APIs can be used.