Which HTTP security headers does mySites.guru check?

mySites.guru checks eight headers on every snapshot: Content Security Policy, Expect-CT, Feature Policy (deprecated), Permissions Policy, Referrer Policy, Strict Transport Security, X-Content-Type-Options, and X-Frame-Options.

How often does mySites.guru check my site's security headers?

Security header checks are performed as part of the site snapshot, which is taken over twice a day.

Will having correct security headers fully protect my site?

No — security headers are best practice and help defend against XSS and clickjacking, but no single header alone will prevent a compromise.

Check your websites security headers with mySites.guru

There are a set of nifty HTTP Headers that you can emit from your site on every response which will harden your site against spoofing, XSS and more

MySites.guru REFRESH BLACK

Here at mySites.guru, we have just launched 8 new checks in the snapshot that is taken of your sites over twice a day!

The eight headers we now look for on responses from your site are:

Content Security Policy
Expect CT
Feature Policy (We check you DONT have this deprecated header)
Permissions Policy (We check you DO have this new header!)
Referrer Policy
Strict Transport Security
X-Content-Type-Options
X-Frame-Options

None of these headers alone will protect your site from compromise - do not be lured into a false sense of security. However it is best practice to LEARN about them, and APPLY them to your site wherever possible to best defend against compromise, clickjacking and XSS.

Screenshot of mySites.guru feature

Not a mySites.guru subscriber?

We know not everyone reading this blog is a subscriber, although we surpassed 64,000 sites connected (and heading for 65000 quickly!) - we hope you will take our service for a test - grab yourself FIRST MONTH FREE while you are there!

If you really don’t want to subscribe, The best place you can get a quick overview of your sites security headers is over at https://securityheaders.com - we heavily promote and link to their site throughout the mySites.guru snapshot checks.

HTTP Response headers are a great thing to have set right, but also be sure that your site follows all kinds of other best practice - mySites.guru has all that best practice wrapped up in one unique service, to manage multiple Joomla sites, or manage multiple WordPress sites all in one place.

Out of your depth? Need Help?

Phil Taylor

The Original Joomla Expert – Since 2004

Found issues with your Joomla site? Get same-day expert help fixing errors, security issues, and performance problems. Flat-rate pricing, no hourly billing surprises.

● Fix hacked or compromised sites
● Resolve PHP errors & White Screen of Death
● System upgrades & PHP 8 compatibility
● Performance optimization & hosting issues
● £120 flat rate per incident

Get Expert Help TODAY! →

If we can't add value, you don't pay • Same-day turnaround

20+ Years – Fixing Websites

Need Help Addressing Health Check Issues?

Phil Taylor has been fixing Joomla sites since 2004. If it were simple, you would have done it yourself by now. Get professional help from someone who's seen it all.

✓ 20+ years of Joomla & PHP expertise
✓ Same-day turnaround on most issues
✓ No charge if we can't add value or fix the problem

Not a mySites.guru subscriber?

Ready to Take Control?

Out of your depth? Need Help?

Need Help Addressing Health Check Issues?