Website Security Endpoints

10 endpoints available

Comprehensive website security assessment covering SSL/TLS certificates, certificate chains, OCSP stapling, Certificate Transparency logs, HTTP security headers, HSTS configuration, WAF detection, and cipher suite analysis. Essential for security engineers, DevSecOps, and penetration testers.

Security Headers

/v1/security/headers

Analyze HTTP security headers, score, and compliance

Security Score

/v1/score/security

Composite security score from 8 weighted factors

SSL Certificates

/v1/domain/ssl

Analyze active SSL/TLS certificate details

TLS Version

/v1/domain/tls-version

Check supported TLS protocol versions

Cipher Suites

/v1/domain/ciphers

Analyze TLS cipher suite configuration

Certificate Chain

/v1/domain/cert-chain

Validate SSL certificate chain

OCSP Status

/v1/domain/ocsp

Check TLS certificate trust and OCSP responder information

CT Logs

/v1/domain/ct-logs

Search Certificate Transparency logs

HSTS Check

/v1/domain/hsts

Check HSTS policy and preload status

WAF Detection

/v1/domain/waf

Detect Web Application Firewall

Related Standards & References

Learn more about the protocols and standards behind these endpoints.

OWASP Secure Headers

Security headers best practices

RFC 5280 - X.509 Certificates

PKI certificate and CRL profile

RFC 6797 - HSTS

HTTP Strict Transport Security specification

Try These Endpoints

Test Website Security endpoints live in the playground. No signup required.

Open Playground Get Started Guide

We use essential cookies for secure sign-in (Clerk authentication). We also use optional analytics cookies (Google Analytics) to understand page visits and site usage. No advertising or tracking cookies. Analytics cookies are disabled by default. You can reject all optional cookies or manage preferences in our cookie policy.