How do I check whether my server is secure or not?

Security Checks for Server

Susceptible to man-in-the-middle attacks – 3
Insecure SSL/TLS versions available
HSTS header not prepared for preload list inclusion
Secure cookies not used

Domain at risk of being hijacked – 4
Domain registry deletion protection not enabled
Domain registry transfer protection not enabled
Domain registry update protection not enabled
Domain renewal prohibited by registrar

Vulnerable to cross-site attacks
HttpOnly cookies not used

Emails can be fraudulently sent – 2
Lenient SPF filtering
DMARC not enabled

DNS is susceptible to man-in-the-middle attacks
DNSSEC not enabled
DNSSEC records prevent third parties from forging the records that guarantee a domain’s identity. DNSSEC should be configured for this domain.
EXPECTED: true
FOUND: false

Not susceptible to man-in-the-middle attacks – 9
SSL available
SSL does not expire soon
SSL has not expired
Strong SSL algorithm
Hostname matches SSL certificate
All traffic routed via HTTPS
HTTP Strict Transport Security (HSTS) enforced
HSTS header contains max-age
HSTS header contains includeSubDomains

Domain not at risk of being hijacked – 11
Domain does not expire soon
Domain has not expired
Domain registrar transfer protection enabled
Domain registrar deletion protection enabled
Domain registrar update protection enabled
Domain not flagged as inactive
Domain not pending deletion
Domain not pending restoration
Domain free of registry DNS resolution hold
Domain free of registrar DNS resolution hold
Domain renewal not prohibited by registry

No malware detected – 3
Not a suspected phishing page
Not a suspected malware provider
Not suspected of unwanted software

Vulnerabilities are harder to uncover – 4
X-Powered-By header not exposed
ASP.NET version header not exposed
ASP.NET version header not exposing specific ASP.net version
Server information header not exposed
No vulnerable software detected
No vulnerable software versions detected

Email sending is authenticated – 3
SPF enabled
SPF syntax correct
SPF ptr mechanism not used

No unnecessary open ports found – 7
No mail ports open and listening
No app ports open and listening
No user auth ports open and listening
No file sharing ports open and listening
No voice ports open and listening
No administration ports open and listening
No database ports open and listening