Hardenize VS Security Headers

Hey, I'm looking for an in-depth analysis of the security Skiff Mail. Pros and cons, arguments for and against, all the stuff. Couldn't find anything conclusive online (since it's relatively new) except what I could dig myself: WHOIS data, hardenize.com results, etc. Source: over 1 year ago

Https://hardenize.com is quite pretty, but there's nowhere near $999/mo of value in it for me! - Source: Hacker News / about 2 years ago

It does a little more and little less. More: Enter a list of (sub-) domains and get informed via email when "SSL things" change (for better or for worst), or your https certificate is about to expire. Less: No fancy pansy "report" Personally I prefer https://hardenize.com nowadays, over ssllabs for these kind of queries. - Source: Hacker News / about 2 years ago

If you have a custom email with ProtonMail you can check your setup on hardenize.com. That's what I use to make sure everything is set up correctly. Source: about 2 years ago

There are many notable open-source projects (SSLyze, CipherScan, testssl.sh, tls-scan, …) and several SaaS solutions (CryptCheck, CypherCraft, Hardenize, ImmuniWeb, Mozilla Observatory, SSL Labs, …) to do a security setting analysis, especially when we are talking about TLS, which is the most common and popular cryptographic protocol. However, most of these tools heavily depend on one or more versions of one or... - Source: dev.to / almost 4 years ago

There are so many accessibility issues on Hacker News! Ways to avoid the same mistakes? Easy... 1 - Make sure everyone involved from designers to developers to content creators to testers to... Whatever your village has in it... Has knowledge of WCAG. (New standards out a few weeks ago!) WCAG is the de facto law of the land now, and businesses are liable from damages if they don't make efforts to ensure all users... - Source: Hacker News / 6 months ago

Few minor accessibility issues. https://wave.webaim.org/report#/https://propbox.co/ Bunch of front-end security issues. Some of these are trivial, but also... Why not just knock them out? https://securityheaders.com/?q=https%3A%2F%2Fpropbox.co%2F&followRedirects=on The Privacy page is a nightmare, as others have pointed out. Why do this? Won't work with screen readers, won't let users copy text... it's bad.... - Source: Hacker News / 10 months ago

FWIW HN sets the Referrer-Policy header [1] to origin [2] but I have no idea how many browsers honor that. [1] - https://scotthelme.co.uk/a-new-security-header-referrer-policy/ [2] - https://securityheaders.com/?q=https%3A%2F%2Fnews.ycombinator.com%2F&hide=on&followRedirects=on. - Source: Hacker News / 11 months ago

I was recently tasked with improving the security rating on one of our websites. This involved a couple of things but the thing I want to focus on in this post is security headers. We scanned the site here and were initially given a rating of 'E'. Not good. So one of the recommendations was to add security headers which are headers contained in the HTTP response and can provide various different security benefits,... - Source: dev.to / 11 months ago

Google has to know about the site before it can index it. Set up the sitemap, then link the sitemap in from Google's Search Console Tools, and install Google Analytics. This will help Google pick up that your site exists. Make sure your robots.txt file is configured to allow crawlers. Make sure your pages aren't inadvertently NOINDEX'd. SEO isn't as relevant as it used to be, but all this stuff should be part of... - Source: Hacker News / 11 months ago