FirefoxNightlyDeb
Hardenize Website
It's better for the visitors, as well as users, to have a secure path/browsing when they use the vitex website/repo.
So here are some useful scanners to show useful reports on where the issues are:
- https://www.hardenize.com/report/vitexsoftware.cz/1627479787 (many missing features)
- https://www.ssllabs.com/ssltest/analyze.html?d=www.vitexsoftware.cz&s=213.151.89.97 (B)
- https://securityheaders.com/?q=www.vitexsoftware.cz&followRedirects=on (F)
- https://observatory.mozilla.org/analyze/www.vitexsoftware.cz (F)
Important missing features/configs:
From ssllabs scanner:
https://www.ssllabs.com/ssltest/analyze.html?d=www.vitexsoftware.cz&s=213.151.89.97
We find:
- Check certificate expiry
Valid until | Tue, 22 Jun 2021 15:34:45 UTC (expired 1 month and 5 days ago) EXPIRED
- Disable TLS 1.0, 1.1 (deprecated), allow TLS 1.3
- Disable weak ciphers
- OCSP stapling missing
- Hide Nginx version (better practice)
From Hardenize scanner
https://www.hardenize.com/report/vitexsoftware.cz/1627479787
We find:
- CAA (unless you are using a CDN or so, then that's a different thing)
https://www.hardenize.com/report/vitexsoftware.cz/1627479787#domain_caa
- Certificate doesn't match hostname
The provided certificate doesn't match the expected hostname.
Expected hostname: vitexsoftware.cz
https://www.hardenize.com/report/vitexsoftware.cz/1627479787#www_certs
- PHPSESSID: missing HttpOnly, Secure, SameSite
https://www.hardenize.com/report/vitexsoftware.cz/1627479787#www_cookies
- HSTS, HSTS-Preload missing
https://www.hardenize.com/report/vitexsoftware.cz/1627479787#www_hsts
- CSP missing
https://www.hardenize.com/report/vitexsoftware.cz/1627479787#www_csp
- Webapp security
https://www.hardenize.com/report/vitexsoftware.cz/1627479787#www_xfo
https://www.hardenize.com/report/vitexsoftware.cz/1627479787#www_xxssp
https://www.hardenize.com/report/vitexsoftware.cz/1627479787#www_xcto
From securityheaders
https://securityheaders.com/?q=www.vitexsoftware.cz&followRedirects=on
We find:
Everything is missing :)
ThX!
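
A way to re-check the header and cookie items from the list above after the server configuration is changed, as an added example that is not part of the original issue or the project's code. Both response blocks, the cookie value and the nginx version string are constructed samples, and the function names are hypothetical.

```python
import re

# Constructed sample responses (not captured from the site named in the issue).
SAMPLE = ("HTTP/1.1 200 OK\r\nServer: nginx/1.18.0\r\n"
          "Set-Cookie: PHPSESSID=abc123; path=/\r\n\r\n")
HARDENED = ("HTTP/1.1 200 OK\r\nServer: nginx\r\n"
            "Strict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\n"
            "Content-Security-Policy: default-src 'self'\r\n"
            "X-Frame-Options: DENY\r\n"
            "X-Content-Type-Options: nosniff\r\n"
            "Set-Cookie: PHPSESSID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax\r\n\r\n")

# Response headers the issue reports as missing.
REQUIRED = ["strict-transport-security", "content-security-policy",
            "x-frame-options", "x-content-type-options"]


def parse_headers(raw):
    """Return (lowercased name, value) pairs, keeping repeated headers such as Set-Cookie."""
    pairs = []
    for line in raw.split("\r\n")[1:]:  # skip the status line
        if not line:                    # blank line ends the header block
            break
        name, _, value = line.partition(":")
        pairs.append((name.strip().lower(), value.strip()))
    return pairs


def audit(raw):
    """List the hardening gaps from the issue that are visible in one response."""
    headers = parse_headers(raw)
    names = {n for n, _ in headers}
    findings = [f"missing header: {h}" for h in REQUIRED if h not in names]
    for name, value in headers:
        if name == "strict-transport-security" and "preload" not in value.lower():
            findings.append("HSTS without preload")
        if name == "server" and re.search(r"/\d", value):
            findings.append(f"server version disclosed: {value}")
        if name == "set-cookie":
            cookie, *attrs = [p.strip() for p in value.split(";")]
            flags = {a.split("=")[0].lower() for a in attrs}
            for flag in ("httponly", "secure", "samesite"):
                if flag not in flags:
                    findings.append(f"cookie {cookie.split('=')[0]} missing {flag}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The TLS, certificate, OCSP stapling and CAA items are not visible in response headers and still need the scanners linked above.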