Hello,
I was looking at the "Security score" of a customer site on webpagetest.org
. I discovered that it only says "B". Is there a way to increase the security score of refraktiv.com
with Let's encrypt from "B" to "A"?
Thanks & greetings,
Mace
Hello,
I was looking at the "Security score" of a customer site on webpagetest.org
. I discovered that it only says "B". Is there a way to increase the security score of refraktiv.com
with Let's encrypt from "B" to "A"?
Thanks & greetings,
Mace
That site shows you the reason they scored it that way:
Unfortunately, this is really not a forum for these types of questions/answers.
I agree with my fellow volunteer above: the "X frame options" and "Content Security Policy" are not TLS related. And as this is a Community specifically for Let's Encrypt and also for TLS/certificate related stuff in a broader sense, I'm afraid the issues you are facing are not really something for this Community.
That B means you should BEE POSITIVE about improving your site's security score!
There are many links in this forum to security analyzer tools. They will generally help you optimize your security settings if you look at their errors. You can also check to ensure your site is using the current recommended settings from Certbot.
Thanks!
Mace
This is actually outside the scope of Let's Encrypt which only provides certificates signed by a CA. You'll need to take their advice regarding HTTP headers to fix that particular score.
Running ssllabs.com
test on the mentioned site reveals an A+ rating for certificate and protocol, so Let's Encrypt is doing everything it possibly can.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.