Let’s have a challange! Where is the most secure Website or Webapp? There are two known test enviroments for Developers, Admins and Webmasters to check Security. The first one is from Mozilla Foundation and can be found here: https://observatory.mozilla.org The 2nd test can be found here: https://www.ssllabs.com/ssltest/ and it is checking implemention of SSL certs.
P.S. Of course Security is more complex than these two online pen-tests. Heck they make Websites compareable and that’s all about.
I’ll start, my website https://jakobssystems.net has an A degree (Mozilla Test = A, QUALYS Test = A+)
I thought I was the only one who checks the security of their site… Apparently the checks I did before weren’t as awesome as that Mozilla one and it looks like I have a bunch of work to do (and even more to learn)…
I am shocked that all - literally - all known websites from banks, government etc. haven’t implemented known security technologies. Many websites even don’t have proper SSL redirections, making them vulnerable to man-in-the-middle attacks every script kiddie could perform while politicians talking 'bout evil Russians or impact of fake news…
yeah… I was looking at doing the HSTS thing, but just haven’t had time (of course there really isn’t anything on my site that requires all of this, but I like to keep up on it)… So many more things in those score cards that I need to implement too… Hopefully I can move my overall score up from an F
Arrrg u got A+ on Mozilla-Test?!? Grrr… tell me your domain
Yep, these test are a nice foundation to start with and get into conversation with customers. How many webdesigners (not developers) are using plesk or webmin servers with open root access over the net?