Free tool
Security headers scanner
Scan any site's HTTP response headers and get a graded report — with the exact header to add for anything that's missing or weak.
Try:
/ security headers in place
Information disclosure
Why security headers matter
HTTP security headers are instructions your server sends with every response that tell the browser how to behave defensively — which scripts to trust, whether the page may be framed, and whether to enforce HTTPS. They're some of the cheapest, highest-impact hardening you can add to a site.
This scanner checks the six headers that matter most and flags any that leak details about your stack. Each missing header comes with the exact value to add, so you can copy it straight into your web server or framework config.