Mozilla Observatory — Find and fix security vulnerabilities in your site. - Source: dev.to / 3 months ago
Detectify once made an offer of making free scans which I took them up on. There are plenty of free Content Security Policy (CSP) and other vulnerability checkers around such as Observatory or Pentest. Shields UP!! Will identify which ports you have open. Source: 6 months ago
Scan our site with Mozilla Observatory and improve our grade by registering a domain name, enabling HTTPS, adding a certificate and setting security headers. - Source: dev.to / over 1 year ago
First, for session persistence, go with the default Django session with cookie storage. Set your cookie to HTTP only and ensure your application uses the most common HTTP security headers and controls. Test your application with https://observatory.mozilla.org/ to have an idea of what you're missing. Source: over 1 year ago
Rank your site on https://observatory.mozilla.org/ and it will give you some suggestions. Source: over 1 year ago
We checked the page works at the end of a previous section. You might also want to check the HTTP security headers. Both SecurityHeaders.com and Mozilla Observatory are good for this. You might not be able to get an A+ on both because SvelteKit does not add style CSP hashes (at the time of writing). Instead we used the style-src: unsafe-inline directive. CSS hashes are important, though; maliciously injected... - Source: dev.to / over 1 year ago
Mozilla Observatory — Find and fix security vulnerabilities in your site. - Source: dev.to / over 1 year ago
And observatory.mozilla.org for everything related to security measures .. I used audit results from both to work myself through this topic. Source: over 1 year ago
Thanks, I got started last year with checking mozillas observatory on how my sites were doing. And down the rabbit hole I went. Source: almost 2 years ago
Basically, if your website scores less than A on https://observatory.mozilla.org, you are doing it wrong. Source: about 2 years ago
I finally got around to testing my servers' SSL configs using https://observatory.mozilla.org/ and that led me to wonder whether there are other checkers I should be running and also if there are checkers for other services/protocols. For SSL, I am also aware of https://www.ssllabs.com/ssltest/index.html but its information is less user friendly. It also occurred to me that listing this type of stuff in the... Source: about 2 years ago
Honestly it makes no sense to me. I go on a different device to http://xxxx.xxxx.com and it redirects me to https://xxxx.xxxx.com. I have yet to find a way to force it to a http site to replicate the error from the Mozilla security tool (https://observatory.mozilla.org/). Source: over 2 years ago
There are many notable open-source projects (SSLyze, CipherScan, testssl.sh, tls-scan, …) and several SaaS solutions (CryptCheck, CypherCraft, Hardenize, ImmuniWeb, Mozilla Observatory, SSL Labs, …) to do a security setting analysis, especially when we are talking about TLS, which is the most common and popular cryptographic protocol. However, most of these tools heavily depend on one or more versions of one or... - Source: dev.to / almost 4 years ago
There, now you and your users are safer. Go ahead to observatory.mozilla.org and test your plex.domain and see how it does. Source: over 2 years ago
Also, if you're going to go the path of reverse-proxy for outside access I definitely recommend getting your SSL setup as strong as possible. Mozilla has a really handy SSL config generator service for helping with basic setup, and another service called Observatory for testing your SSL security once up and running. And there's also another really good SSL sec test service by SSLabs. It's good to test with more... Source: over 2 years ago
This is a good guide to start, and has advanced options near the bottom such as Modsecurity: Https://geekflare.com/apache-web-server-hardening-security/ This is good for advanced hardening if you want to go far with HTTP headers and browser-site behavior: Https://observatory.mozilla.org/ This is an amazing tool for testing SSL suites and for SSL vulnerabilities: Https://www.ssllabs.com/ssltest/. Source: over 2 years ago
Thats it for today folks. In the meantime, there are plenty of other ways (not listed above) to secure your Apache web server and Django Web Application, as well. Continue researching and keeping yourself updated about new directives and modules to secure your server further and keep on cross checking your website against the Mozilla observatory scan. - Source: dev.to / over 2 years ago
And then, today, I decided to see what https://observatory.mozilla.org had to say and, well, I got an F on some of my subdomains. Source: over 2 years ago
Do some benchmark chasing. Scan using https://www.ssllabs.com and https://observatory.mozilla.org/ . If you’re a B+ or higher, you’re doing better than most websites out there. Source: over 2 years ago
Also, while not directly tied to SEO, Mozilla Observatory is fantastic for analyzing your website for security gaps. And that can have a big impact on SEO these days. Source: over 2 years ago
Mozilla Observatory — Find and fix security vulnerabilities in your site. - Source: dev.to / almost 3 years ago
Do you know an article comparing Mozilla Observatory to other products?
Suggest a link to a post with product alternatives.
This is an informative page about Mozilla Observatory. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.