🛡️ Security Headers Monitor
The Security Headers monitor checks your website for important HTTP security headers that protect against common attacks.
🎯 功能说明
- Fetches the HTTP response headers from your website
- Checks for the presence and values of security-related headers
- Alerts if critical security headers are missing
🛡️ Headers Checked
| 头部 | 用途 |
|---|---|
X-Frame-Options | Prevents clickjacking |
X-Content-Type-Options | Prevents MIME-type sniffing |
X-XSS-Protection | Enables browser XSS filter |
Strict-Transport-Security | Forces HTTPS (HSTS) |
Content-Security-Policy | Controls resource loading |
Referrer-Policy | Controls referrer info |
Permissions-Policy | Controls browser features |
💡 技巧
- Check your headers at securityheaders.com for a quick grade.
- Some frameworks and CDNs add these automatically — check before implementing manually.
- A daily or hourly check is sufficient — headers don't change often.