Security Checks

openssl s_client -connect -CAfile /usr/local/etc/openssl/cert.pem

You should see verify return:1 for each certificate in the chain.

Host header injection

Read about it here.

curl -i --header "Host:"

Your site is vulnerable if appears in the results.


Check if your SPF record is valid. Enter your domain here.


Very few sites have this right now.

dig +dnssec

See how to interpret the results.

Published October 26, 2015

You might also enjoy

Error Reporting in R

Git LFS on Heroku

A Short Guide to Metrics

All code examples are public domain.
Use them however you’d like (licensed under CC0).