Todas as utilidades
Segurança HTTP
Verificador de cabeçalhos de segurança
Avalie HSTS, CSP, X-Frame-Options e cabeçalhos de resposta relacionados.
Os pedidos são enviados a partir da Alemanha (DE).
Sobre esta ferramenta
Use the security headers checker to audit HTTP response headers that protect browsers from common attacks. This free tool validates CSP, HSTS, X-Frame-Options, and related controls in one pass.
Teams use it to harden applications, reduce clickjacking exposure, and enforce safer content loading policies. Quick visibility into missing headers makes security remediation faster and more measurable.
Perguntas frequentes
- Which headers are most important to check first?
- Start with Content-Security-Policy, Strict-Transport-Security, X-Content-Type-Options, and frame protection controls.
- Can missing headers cause real risk?
- Yes, absent or weak headers can increase exposure to XSS, clickjacking, and downgrade-related attack patterns.
- How often should I run a security headers audit?
- Run it after major releases and periodically in CI or monitoring workflows to catch regressions early.