How to Scan Your Website for Security Vulnerabilities (Free)

Why You Should Scan Your Website Regularly

Website security isn't a one-time setup. Dependencies get updated, configurations drift, certificates expire, and new vulnerabilities are discovered constantly. Regular security scanning catches issues before attackers do.

What WebSentry Checks

WebSentry's free scanner performs a comprehensive security audit covering:

SSL/TLS Configuration

• Certificate validity and expiration date
• Certificate chain completeness
• TLS version support (flags old TLS 1.0/1.1)
• Cipher suite strength

Security Headers

• Strict-Transport-Security (HSTS)
• Content-Security-Policy (CSP)
• X-Content-Type-Options
• X-Frame-Options
• Referrer-Policy
• Permissions-Policy

Cookie Security

• HttpOnly flag (prevents JavaScript access)
• Secure flag (HTTPS only)
• SameSite attribute (CSRF protection)

DNS Configuration

• DNSSEC status
• CAA records
• Email security (SPF, DKIM, DMARC)

Server Configuration

• Server version exposure
• X-Powered-By leakage
• Open redirect vulnerabilities

How to Use WebSentry

1. Go to websentry.dev
2. Enter any URL in the scanner
3. Click "Scan" and wait 10-15 seconds
4. Review your A-F security grade and detailed findings

Each finding includes an explanation of the issue and actionable advice on how to fix it.

Free vs. Paid Scanning

The free tier gives you 20 scans per month — perfect for checking your own site. If you need more:

• Pro plan — Unlimited scans, scan history, scheduled monitoring of up to 5 sites, API access
• Agency plan — Everything in Pro plus 25 monitored sites, ideal for agencies managing multiple clients

Check our pricing page for details.

Scanning Best Practices

• Scan after every deployment to catch configuration regressions
• Set up scheduled monitoring for critical production sites
• Scan both your main domain and subdomains (api., cdn., staging.)
• Re-scan after making security fixes to verify they worked