One-click check of a domain's SSL certificate, security headers and DNSSEC, with a weighted overall score and recommendations.
• Enter a bare domain without https:// (e.g. example.com)
• The overall score is a weighted sum of SSL certificate, security headers and DNSSEC
• Results can be saved as a link, QR code or embed snippet
The website security score checks a domain's SSL/TLS certificate, HTTP security headers and DNSSEC in one pass: whether the certificate is valid, whether its signature algorithm and key strength are adequate, whether HTTPS is enforced with HSTS/CSP and other headers, and whether the domain has DNSSEC against hijacking — then aggregates everything into a weighted 0–100 score with a letter grade.
It is handy for a pre-launch security baseline, re-checking after certificate renewal or configuration changes, demonstrating a site's security posture to clients, and diagnosing the root cause of browser security warnings.
It covers the SSL/TLS certificate (validity, signature algorithm, key strength, trust chain), HTTP security headers (HTTPS redirect, HSTS, CSP, X-Frame-Options, etc.) and DNSSEC signing status, combined by weight into an overall score.
When an item cannot be measured (for example the target has no HTTPS or the lookup times out) it is marked 'Not evaluated' and excluded from the overall score, so a temporary outage does not skew the result.
Yes. Click 'Save & share' to generate a report link valid for 30 days; you can copy the link, share a QR code, or embed it as an iframe in a blog or website.