Security Checks

openssl s_client -connect www.yahoo.com:443 -CAfile /usr/local/etc/openssl/cert.pem

You should see verify return:1 for each certificate in the chain.

Host header injection

Read about it here.

curl -i --header "Host: evilsite.com" https://www.yahoo.com

Your site is vulnerable if evilsite.com appears in the results.

SPF

Check if your SPF record is valid. Enter your domain here.

DNSSEC

Very few sites have this right now.

dig pir.org +dnssec

See how to interpret the results.

Published October 26, 2015

You might also enjoy

R and Database URLs

Git LFS on Heroku

A Short Guide to Metrics

All code examples are public domain.
Use them however you’d like (licensed under CC0).

© 2024 Andrew Kane
· GitHub · Twitter · Privacy