Free tool
How secure is
your website?
Enter your domain and we'll check the basics — HTTPS, your SSL certificate, email security, security headers, and more. Takes under 30 seconds. No account needed.
Passive checks only — we never probe for vulnerabilities or perform port scans.
What we check
HTTPS reachability
Can your site be reached securely? Does it load within 10 seconds?
SSL certificate
Is your certificate valid, properly signed, and not expiring soon?
Security headers
Does your site send the 6 headers that protect visitors from common attacks?
Email security
Are SPF and DMARC set up to stop scammers impersonating your email?
DNS records
Do you have the right records to receive email? MX records check.
Platform detection
Is your WordPress version publicly visible? That's a risk.
Server information
Is your server advertising version details attackers can exploit?
robots.txt & security.txt
Do these standard files exist on your site?
All checks are passive. We only read publicly available information — no port scanning, no brute-forcing, no vulnerability probing.