How to Scan Your Website for Security Vulnerabilities (Free)

Why You Should Scan Your Website Regularly

Website security isn't a one-time setup. Dependencies get updated, configurations drift, certificates expire, and new vulnerabilities are discovered constantly. Regular security scanning catches issues before attackers do.

What WebSentry Checks

WebSentry's free scanner performs a comprehensive security audit covering:

SSL/TLS Configuration

• Certificate validity and expiration date
• Certificate chain completeness
• TLS version support (flags old TLS 1.0/1.1)
• Cipher suite strength

Security Headers

• Strict-Transport-Security (HSTS)
• Content-Security-Policy (CSP)
• X-Content-Type-Options
• X-Frame-Options
• Referrer-Policy
• Permissions-Policy

Cookie Security

• HttpOnly flag (prevents JavaScript access)
• Secure flag (HTTPS only)
• SameSite attribute (CSRF protection)

DNS Configuration

• DNSSEC status
• CAA records
• Email security (SPF, DKIM, DMARC)

Server Configuration

• Server version exposure
• X-Powered-By leakage
• Open redirect vulnerabilities

How to Use WebSentry

1. Go to websentry.dev
2. Enter any URL in the scanner
3. Click "Scan" and wait 10-15 seconds
4. Review your A-F security grade and detailed findings

Each finding includes an explanation of the issue and actionable advice on how to fix it.

Free vs. Paid Scanning

The free tier gives you 3 scans per month — perfect for checking your own site. If you need more:

• Pro plan — Unlimited scans, scan history, scheduled monitoring of up to 5 sites, API access
• Agency plan — Everything in Pro plus 25 monitored sites, ideal for agencies managing multiple clients

Check our pricing page for details.

Scanning Best Practices

• Scan after every deployment to catch configuration regressions
• Set up scheduled monitoring for critical production sites
• Scan both your main domain and subdomains (api., cdn., staging.)
• Re-scan after making security fixes to verify they worked