|
|
| 1. General Results, most used to calculate the result |
A | name "51.222.32.176" is ipv4 address, public suffix is not defined
|
A | Good: All ip addresses are public addresses
|
A | Good: No cookie sent via http.
|
A | Good: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):1 complete Content-Type - header (4 urls)
|
| http://51.222.32.176/ 51.222.32.176
|
| Url with incomplete Content-Type - header - missing charset
|
| https://51.222.32.176/ 51.222.32.176
|
| Url with incomplete Content-Type - header - missing charset
|
| https://51.222.32.176/ 51.222.32.176
|
| Url with incomplete Content-Type - header - missing charset
|
B | https://51.222.32.176/ 51.222.32.176
|
| Missing HSTS-Header
|
H | Fatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
|
N | https://51.222.32.176/ 51.222.32.176
|
| Error - Certificate isn't trusted, RemoteCertificateNameMismatch
|
N | https://51.222.32.176/ 51.222.32.176
|
| Error - Certificate isn't trusted, RemoteCertificateNameMismatch
|
B | No _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.51.222.32.176
|
| 2. Header-Checks |
F | 51.222.32.176 51.222.32.176
| Content-Security-Policy
| Critical: Missing Header:
|
F | 51.222.32.176 51.222.32.176
| X-Content-Type-Options
| Critical: Missing Header:
|
F | 51.222.32.176 51.222.32.176
| Referrer-Policy
| Critical: Missing Header:
|
F | 51.222.32.176 51.222.32.176
| Permissions-Policy
| Critical: Missing Header:
|
| 3. DNS- and NameServer - Checks |
| 4. Content- and Performance-critical Checks |
A | Good: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
|
A | Good: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
|
| https://51.222.32.176/ 51.222.32.176
|
| Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
|
| https://51.222.32.176/ 51.222.32.176
|
| Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
|
| https://51.222.32.176/ 51.222.32.176
|
| Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
|
| https://51.222.32.176/ 51.222.32.176
|
| Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
|
| https://51.222.32.176/ 51.222.32.176
|
| Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
|
| https://51.222.32.176/ 51.222.32.176
|
| Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
|
A | Good: All images with internal compression not compressed. Some Images (.png, .jpg, .jpeg, .webp, .gif) are already compressed, so an additional compression isn't helpful. 1 images (type image/png, image/jpg) found without additional GZip. Not required because these images are already compressed
|
| Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 2 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 2 complete.
|
A | Good: All checked attribute values are enclosed in quotation marks (" or ').
|
A | Good: All img-elements have a valid alt-attribute.: 2 img-elements found.
|
A | Duration: 33434 milliseconds, 33.434 seconds
|