HTTPS Readiness test

Domain analysis: itgagu.co.kr

Always redirect to same domain https://itgagu.co.kr (BEST PRACTICE!)

IP address: 220.73.161.90

Certificate details

This SSL Certificate was created especially for itgagu.co.kr

Certificate issued by Let's Encrypt, of type R3 (auto renewal)

Certificate start date: Sep 10 06:00:28 2023 GMT

Certificate expiration: Dec 9 06:00:27 2023 GMT (in 66 days)

Certificate validity period: 90 days (probably automated renewal)

Encryption algorithm: TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384

More certificate details?

SSL Labs: get more detailed HTTPS report

Mozilla Observatory: get more detailed HTTPS report

HTTPS Headers

Missing HTTP header x-xss-protection - 1

Missing HTTP header x-frame-options - 1

Missing HTTP header content-security-policy - 1

Missing HTTP header strict-transport-security (HSTS)

For a GDPR-focused review of your domain, use Churlie GDPR Checkup

Content details

No mixed content: no http files used in the https page

How to get https for your site

Let’s Encrypt is a free, automated, and open Certificate Authority.
Example: cloudfleet.io, scotthelme.co.uk
Cloudflare One-Click SSL (also on the Free Plan)
Example: toolstud.io
Paid certificates: Verisign, GeoTrust, Comodo, DigiCert, Thawte, Globalsign
Example: www.amazon.com, www.mozilla.org, twitter.com

References

Google Chrome and/or Search will punish your website for insecure content and practices. In short, every site should be https://, and should send every visitor of their http:// site to the secure one.
Google Chrome: Our plan to label HTTP sites as non-secure is taking place in gradual steps
Data Security Action Plan, step 1: Implement strict encryption measures on all network traffic
BuiltWith: SSL by Default Usage Statistics
Analysis of the Alexa Top 1M sites: HTTPS, HSTS, CSP

toolstud.io

2.4.1

• web tools by Peter Forret • © 2006-2023 • Questions or remarks? Contact me! • Advertise here • Privacy statement