Security Report Summary
D
Site: https://webkamerton.ru/
IP Address: 192.145.97.84
Report Time: 19 Apr 2024 21:49:11 UTC
Headers:
  • X-Content-Type-Options
  • Content-Security-Policy
  • Strict-Transport-Security
  • X-Frame-Options
  • Referrer-Policy
  • Permissions-Policy
Warning: Grade capped at A, please see warnings below.
Missing Headers
Strict-Transport-Security: HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. Recommended value "Strict-Transport-Security: max-age=31536000; includeSubDomains".
X-Frame-Options: X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. Recommended value "X-Frame-Options: SAMEORIGIN".
Referrer-Policy: Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites.
Permissions-Policy: Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser.
Warnings
X-Content-Type-Options: There was a duplicate X-Content-Type-Options header.
Content-Security-Policy: No valid directives found in policy.
Raw Headers
HTTP/2 200
server: nginx/1.20.2
date: Fri, 19 Apr 2024 21:49:10 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-powered-by: PHP/7.4.27
cache-control: must-revalidate, no-cache, private
x-drupal-dynamic-cache: HIT
link: <https://webkamerton.ru/>; rel="shortlink", <https://webkamerton.ru/>; rel="canonical"
x-ua-compatible: IE=edge
content-language: ru
x-content-type-options: nosniff
x-drupal-cache-contexts: languages:language_content languages:language_interface route theme timezone url.path url.query_args:_wrapper_format user
expires: -1
vary:
x-generator: Drupal 8 (https://www.drupal.org)
content-security-policy:
x-drupal-cache: HIT
pragma: no-cache
Upcoming Headers
Cross-Origin-Embedder-Policy: Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP.
Cross-Origin-Opener-Policy: Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser.
Cross-Origin-Resource-Policy: Cross-Origin Resource Policy allows a resource owner to specify who can load the resource.
Additional Information
server: This Server header seems to advertise the software being run on the server but you can remove or change this value.
x-content-type-options: X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff".
x-powered-by: X-Powered-By can usually be seen with values like "PHP/5.5.9-1ubuntu4.5" or "ASP.NET". Trying to minimise the amount of information you give out about your server is a good idea. This header should be removed or the value changed.
x-content-type-options: X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff".
content-security-policy: Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. Analyse this policy in more detail. You can sign up for a free account on Report URI to collect reports about problems on your site.