HTTP

Security Headers Grade

Get A+ to F grade for HTTP security headers. Like SecurityHeaders.com. CSP, HSTS, X-Frame-Options.

Get A+ to F grade. Competes with SecurityHeaders.com.

How to use

  1. Enter a domain, URL, or value relevant to Security Headers Grade.
  2. Run the check and review the output carefully.
  3. Apply recommended fixes, then run the check again to verify.

Common use cases

  • Pre-deployment validation for Security Headers Grade.
  • Incident triage when security checks fail in production.
  • Periodic security review as part of technical SEO and hardening.

Example inputs

example.comgithub.com

Common issues and fixes

Grade F

No security headers. Add at least X-Frame-Options and X-Content-Type-Options.

CSP missing

Content-Security-Policy is critical for XSS protection.

Recommended remediation

Add headers in web server or app. Target A+ with CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy.

FAQ

Is Security Headers Grade free to use?

Yes. This tool is free and can be used without account registration.

Do you store submitted values?

Only the minimum processing needed for the check. For client-side tools, data stays in your browser.

How should I use these results?

Use the output as a diagnostic baseline, apply fixes in your stack, then re-run the check to confirm remediation.

Related security tools

HTTP Header Analyzer

Analyze HTTP response headers and check security headers like CSP, HSTS, X-Frame-Options.

HSTS Checker

Check Strict-Transport-Security header. Verify max-age, includeSubDomains, preload.

CSP Checker

Check Content-Security-Policy. Parse directives, detect unsafe-inline, unsafe-eval.

Referrer-Policy Checker

Check Referrer-Policy header. Control referrer info. Privacy & security. Like Barrion.