HTTPS Readiness test

Domain analysis: toolstud.io

Always redirect to same domain https://toolstud.io (BEST PRACTICE!)

IP addresses: 188.114.96.0, 188.114.97.0

Certificate details

This SSL Certificate was created especially for toolstud.io

Certificate issued by Google Trust Services LLC, of type GTS CA 1P5 (auto renewal)

Certificate start date: Aug 8 06:32:18 2023 GMT

Certificate expiration: Nov 6 06:32:17 2023 GMT (in 45 days)

Certificate validity period: 90 days (probably automated renewal)

Encryption algorithm: TLSv1.3 / TLS_AES_256_GCM_SHA384

More certificate details?

SSL Labs: get more detailed HTTPS report

Mozilla Observatory: get more detailed HTTPS report

HTTPS Headers

Missing HTTP header content-security-policy - 1

HTTP header x-xss-protection is OK - 1

HTTP header x-frame-options is OK - 1

HTTP header strict-transport-security (HSTS) is OK (6 months valid)

For a GDPR-focused review of your domain, use Churlie GDPR Checkup

Content details

No mixed content: no http files used in the https page

How to get https for your site

Let’s Encrypt is a free, automated, and open Certificate Authority.
Example: cloudfleet.io, scotthelme.co.uk
Cloudflare One-Click SSL (also on the Free Plan)
Example: toolstud.io
Paid certificates: Verisign, GeoTrust, Comodo, DigiCert, Thawte, Globalsign
Example: www.amazon.com, www.mozilla.org, twitter.com

References

Google Chrome and/or Search will punish your website for insecure content and practices. In short, every site should be https://, and should send every visitor of their http:// site to the secure one.
Google Chrome: Our plan to label HTTP sites as non-secure is taking place in gradual steps
Data Security Action Plan, step 1: Implement strict encryption measures on all network traffic
BuiltWith: SSL by Default Usage Statistics
Analysis of the Alexa Top 1M sites: HTTPS, HSTS, CSP

toolstud.io

2.4.1

• web tools by Peter Forret • © 2006-2023 • Questions or remarks? Contact me! • Advertise here • Privacy statement