A quick checklist to audit your website security in 10 minutes.
1. SSL Certificate
Check expiry date. Use Let's Encrypt for free certs.
2. Security Headers
CSP, HSTS, X-Frame-Options, X-Content-Type-Options.
3. CORS Settings
Don't use wildcard origins.
4. Open Ports
Close unused ports.
5. Software Updates
Keep everything patched.
6. Strong Passwords
Use 2FA everywhere.
7. Backups
Automated, off-site backups.
8. Directory Listing
Disable it.
9. SQL Injection
Use parameterized queries.
10. XSS Protection
Sanitize user input, use CSP.
Scan your website free: https://sec.92888888.xyz/websec-scanner/
Pro version $29: https://sec.92888888.xyz/websec-scanner/store
Top comments (0)