"Observatory by Mozilla" which automatically scans safety and security and adds a score from F to A + just by entering its own site domain


ByMerrill College of Journalism Press Releases

Security evaluation site made by Mozilla "Observatory by Mozilla"Has analyzed how well Web security is built simply by entering the domain of the website and ranks the comprehensive evaluation ranging from F to A + in an easy to understand manner.

Observatory by Mozilla
https://observatory.mozilla.org/


Enter the domain of the site you want to search in the entry field under "Scan your site" and click "Scan Me". This time I will look it up at "yahoo.co.jp".


After a while the score is displayed and you can see how the item was evaluated for each item as follows.


The ranking of "A + ~ F" and the score are displayed as a comprehensive evaluation in the item of "Scan Summary". The rank of yahoo.co.jp is "F", and the score is 0 point out of 100 points.


As you scroll down, you can see the other items, and from "Test Scores" you can see the contents and results of the test performed when scanning.


"TLS Summary"Transport Layer SecurityAlthough it is a column for displaying the results of the investigation, nothing is displayed because HTTPS is not supported.


After that, the survey results of third party sites are lined up, and countermeasures against HTTPS intermediary attack etcHTTP Strict Transport Security(HSTS) status "Hstspreload.appspot.comIs evaluated as "X", but analyzing the HTTP response header "Securityheaders.io"B" had a relatively high reputation.


I checked the domain of "open source media player" MPC - HC "" mpc - hc.org "... ...


I earned A by comprehensive evaluation.


If you look at the test results, you can explain why you could not score, so you can reference for improving the security of the website.

in Interview,   Web Service,   Security, Posted by darkhorse_log