SEOHubSEOHubRun audit

Security

Ship the security headers that matter

HSTS, CSP, and frame protections protect users and boost trust signals.

Enable HSTS once HTTPS is solid across the whole host (includeSubDomains when ready).

Start CSP in report-only, then tighten script-src and object-src until you can enforce.

Set X-Frame-Options or frame-ancestors, Referrer-Policy, and Permissions-Policy as a baseline.

Browse free tools or run a full site scan.