ScaleWhite Tools

Security Headers Checker

Analyze security headers (CSP, HSTS, X-Frame-Options, etc.) and get a security score.

What is Security Headers Checker?

This tool inspects and evaluates security-related HTTP response headers. It checks major security headers like Content-Security-Policy (CSP) and Strict-Transport-Security (HSTS), visualizing results with a score and grade. For missing or misconfigured headers, it provides recommended values, copy-paste server configurations for Nginx, Apache, Cloudflare, and Next.js, and a one-click bulk copy for all missing headers.

How to Use

  1. Enter the URL or domain of the website you want to check (e.g., example.com)
  2. Click the "Check" button or press Enter
  3. View the status of each security header and the overall score
  4. For missing or weak headers, expand "How to fix" to see recommended values and server configurations
  5. Use "Copy all missing headers" to bulk-copy all missing headers at once

Examples

  • Check security header configuration of your website
  • Verify CSP and HSTS are properly configured
  • Copy recommended values and server configs for immediate deployment
  • Web application security auditing