Web site security audit

Perform a basic security audit of your site now with Blue Refraction. Check key HTTP headers for security-related settings.

  • X-XSS-Protection – Current browsers have integrated filters to detect a possible attack. Adding the "X-XSS-Protection" HTTP header with "1; mode=block" as a value (1 to indicate the activation, and mode=block to indicate that the entire page must be blocked if a problem occurs) will force the execution of these filters.
  • X-Content-Type-Options – The only defined value, "nosniff", prevents Internet Explorer and Google Chrome from MIME-sniffing a response away from the declared content-type. Set X-Content-Type-Options: nosniff in the header.
  • X-Frame-Options – This header provides clickjacking protection. Values: deny – no rendering within a frame, sameorigin – no rendering if origin mismatch, allow-from: DOMAIN – allow rendering if framed by frame loaded from DOMAIN.
  • X-Powered-By – The header announces your server type. Remove X-Powered-By from your page headers to mask the type of web server you are using.
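
The four checks in the list above, as an added example (not Blue Refraction's own code or API): a Python function that audits a response's header map. The name `audit_headers` and both sample header sets are constructed for illustration.

```python
# Added example: audits the four headers described above against a header map.
# audit_headers() and the sample responses are hypothetical, not Blue Refraction's API.

def audit_headers(headers):
    """Return {header-name: (ok, detail)} for the four checks in the list above."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    h = {k.strip().lower(): v.strip() for k, v in headers.items()}
    findings = {}

    # X-XSS-Protection: expect "1" plus the "mode=block" directive.
    parts = [p.strip().lower() for p in h.get("x-xss-protection", "").split(";")]
    ok = parts[0] == "1" and "mode=block" in parts[1:]
    findings["X-XSS-Protection"] = (ok, h.get("x-xss-protection", "missing"))

    # X-Content-Type-Options: "nosniff" is the only defined value.
    value = h.get("x-content-type-options")
    findings["X-Content-Type-Options"] = (
        value is not None and value.lower() == "nosniff", value or "missing")

    # X-Frame-Options: deny, sameorigin, or allow-from followed by a domain.
    value = h.get("x-frame-options")
    xfo = (value or "").lower()
    ok = xfo in ("deny", "sameorigin") or (
        xfo.startswith("allow-from") and len(xfo.split()) == 2)
    findings["X-Frame-Options"] = (ok, value or "missing")

    # X-Powered-By: passes only when the header is absent.
    value = h.get("x-powered-by")
    findings["X-Powered-By"] = (value is None, value or "absent")
    return findings


# Constructed sample responses (not captured from a real site).
WEAK = {"Server": "nginx", "x-powered-by": "PHP/5.6.0",
        "X-XSS-Protection": "0", "X-Frame-Options": "ALLOWALL"}
HARDENED = {"x-xss-protection": "1; mode=block",
            "X-Content-Type-Options": "NoSniff",
            "X-FRAME-OPTIONS": "SAMEORIGIN"}

if __name__ == "__main__":
    for label, sample in (("weak", WEAK), ("hardened", HARDENED)):
        print(label)
        for name, (ok, detail) in audit_headers(sample).items():
            print(f"  {'PASS' if ok else 'FAIL'}  {name}: {detail}")
```
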

