NeoShield Security logo NeoShield Security Quantum X

// tool reference · Vulnerability & Assessment

HTTP Security Header Checker Free

Grade a site's response headers and get copy-paste fixes.

Open HTTP Security Header Checker → Engine: /security-tools/header_checker


What it does

Grades a site's HTTP security headers and returns the exact header line to add for each gap.

When to use it

Inputs

Field names are the actual form parameters, verified against source.

FieldTypeRequiredNotes
url url required Full URL including scheme.

What you get back

Per-header grade, why it matters, and the literal header to set.

Worked example

Input

https://example.com

Output (abridged)

MISSING  Strict-Transport-Security
         → Strict-Transport-Security: max-age=31536000; includeSubDomains

MISSING  Content-Security-Policy
         → start with: default-src 'self'; object-src 'none'; frame-ancestors 'none'

WEAK     X-Frame-Options: ALLOWALL
         → superseded by CSP frame-ancestors 'none'

PRESENT  Referrer-Policy: strict-origin-when-cross-origin

How it works

Single SSRF-guarded, IP-pinned request. No redirects followed.

Privacy

The checked URL is not associated with your account.

Standards

OWASP Secure Headers Project

Related tools

← All tools Manual home