Searching the most secure Website

Let’s have a challange! Where is the most secure Website or Webapp? There are two known test enviroments for Developers, Admins and Webmasters to check Security. The first one is from Mozilla Foundation and can be found here: https://observatory.mozilla.org The 2nd test can be found here: https://www.ssllabs.com/ssltest/ and it is checking implemention of SSL certs.

P.S. Of course Security is more complex than these two online pen-tests. Heck they make Websites compareable and that’s all about.

I’ll start, my website https://jakobssystems.net has an A degree (Mozilla Test = A, QUALYS Test = A+)

Is there something better than A+ or did you just come joint first no matter what anyone else does?
:slight_smile:

oh the Mozilla Test offers an A+ where I have a simple A :wink:

I thought I was the only one who checks the security of their site… Apparently the checks I did before weren’t as awesome as that Mozilla one and it looks like I have a bunch of work to do (and even more to learn)…

I am shocked that all - literally - all known websites from banks, government etc. haven’t implemented known security technologies. Many websites even don’t have proper SSL redirections, making them vulnerable to man-in-the-middle attacks every script kiddie could perform while politicians talking 'bout evil Russians or impact of fake news…

yeah… I was looking at doing the HSTS thing, but just haven’t had time (of course there really isn’t anything on my site that requires all of this, but I like to keep up on it)… So many more things in those score cards that I need to implement too… Hopefully I can move my overall score up from an F :wink:

It does feel nice to score A+ on both tests, but HTTP is far from the only thing on a server that needs securing.

Arrrg u got A+ on Mozilla-Test?!? Grrr… tell me your domain :wink:

Yep, these test are a nice foundation to start with and get into conversation with customers. How many webdesigners (not developers) are using plesk or webmin servers with open root access over the net?

My domain is thezaz.com and it took a lot of tinkering to get it that way.

Congrats Thom and my deep respect… I am still struggeling for the final + for my site :slight_smile:
Ja I believe you, it’s hard work to achieve this.