Professional Documents
Culture Documents
5 CC 83 Cda 36195
5 CC 83 Cda 36195
Security Test
Test your Content Security Policy (CSP), HTTP Security Headers and overall web server security.
A-
61.5.134.70 April 30th 2019, 14:13
Some HTTP headers related to security and privacy are missing or misconfigured. Misconfiguration or weakness
SERVER
The web server discloses is version, potentially facilitating further attacks against it. Misconfiguration or weakness
Server: Microsoft-IIS/8.5
X-POWERED-BY
X-Powered-By: ASP.NET
STRICT-TRANSPORT-SECURITY
Strict-Transport-Security: max-age=31536000
Directives
Name Description
max-age Sets the time browsers must enforce the use of HTTPS to browse the website.
X-FRAME-OPTIONS
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
CONTENT-SECURITY-POLICY-REPORT-ONLY
Assessment of compliance with GDPR may be time consuming and requires consent of the website owner.
Please try ImmuniWeb® On-Demand for GDPR compliance audit.
REQUIREMENT 6.2
The web software and its components on the website cannot be fingerprinted. Make
Information
sure they are up2date.
REQUIREMENT 6.5
REQUIREMENT 6.6
No WAF was detected on the website. Implement and test a WAF to protect the
Misconfiguration or weakness
website against the most common web attacks.