5 Online Scanners to Help Secure Your Website

When building websites, security should be a primary factor. Today, I provide five scanners to assist in making your site more secure.

Written by Jonathan "JD" Danylko • Last Updated: May 26^th, 2017 • Develop •

LCD Computer screen with Security button being pressed.

Back in 90's, everyone started getting into web development and it was considered the wild west.

Security wasn't even a thought because everyone was testing the waters with what this Internet thing was.

Seven years ago, I mentioned how to secure web applications by recommending everyone read Troy Hunt's post on how to protect yourself as a .NET developer (even better...watch his PluralSight course on OWASP Top 10 Web Application Security Risks for ASP.NET).

Fast forward to today.

When you do business on the Internet, your first priority should be to your customers and the security of their information.

However, when a business is starting out, most can't afford to hire a web security specialist. If you hire a web specialist to build your site, they should have a solid understanding of how to secure a website.

Today, I'll go over some simple web security analyzers to examine your site and give you an idea how secure your site really is for your users.

Web Inspector

Screenshot of WebInspector

This free online tool scans your website and searches for Blacklist, Worms, Backdoors, Trojans, and Malware on your site.

Once you realize you have these on your site, I would definitely contact my web administrator and networking team to fix these issues.

Qualys SSL Labs

Screenshot of Qualys SSL Tester

If you have a secure site using SSL, pay particular attention to this Qualys SSL Labs.

This free service performs a deep configuration analysis of any SSL server on the web. It confirms whether everything was setup properly or not.

There are times where a third-party comes in and sets up an SSL certificate for your site, then they leave.

This site confirms whether it was setup properly or not.

Quttera

Screenshot of Quttera

Another great malware and vulnerabilities online site checker.

It looks for malicious and suspicious files and looks for the domain in a Malware domain list.

If your site is on the malware list, you may have to perform some housecleaning on your site.

ASAFAWeb

Screenshot of ASAFAWeb

For Microsoft sites, ASAFAWeb is one of my favorites. It was developed by Troy Hunt (@TroyHunt) and stands for Automated Security Analyser for ASP.NET Websites.

It provides a detailed report by scanning a Microsoft-based site and determines if you have closed off any holes specific to your technology. For example, Clickjacking or turning off your ELMAH recorder.

For anyone building ASP.NET web sites, you want to have this site handy to scan your site from the outside in.

UpGuard Scanner

Screenshot of UpGuard Web Scanner

At first glance, this has a Google-like feel to it.

Mainly because it's a simple process. Enter in your website URL and it's off and analyzing.

The UpGuard Scanner allows a person to enter a URL and scan a website to grade it on various factors including SSL configuration, Cookies, and Headers just to name a few.

They also give you a security grade so you can keep coming back to check on your progress.

Conclusion

I see these sites as the start of something bigger where cyber security specialists come into a company, run a set of tools against a URL, and determine whether it's secure or not.

These types of tools are meant to run on a monthly basis especially when monthly updates or releases are pushed out to the public.

Additional Reading Material

Did I miss some online tools that you use? Post your comment below and let's discuss.

Did you like this content? Show your support by buying me a coffee.

Buy me a coffee

Jonathan Danylko is a web architect and entrepreneur who's been programming for over 25 years. He's developed websites for small, medium, and Fortune 500 companies since 1996.

He currently works at Insight Enterprises as an Principal Software Engineer Architect.

When asked what he likes to do in his spare time, he replies, "I like to write and I like to code. I also like to write about code."

comments powered by Disqus

What's New

January 10^th, 2024

Added more reviews for my latest book, "ASP.NET 8 Best Practices."
June 22^nd, 2023

Amazon posted the pre-order page for my book (and yes, I'm freaking out a bit).
May 26^th, 2023

Added the Stir Trek 2023 videos link to the post.
November 3^rd, 2022

Updated Technology Trends for Developers by adding the Web Almanac (State of the Web Report)
July 4^th, 2022

Taking it easy today...Happy 4th of July everyone!
June 15^th, 2022

Yikes! My first vidcast EVER! Thanks Ed for the opportunity.
March 14^th, 2022

Updated Collection:Git Resources for Beginners w/ 20 Git Commands for Beginners
March 14^th, 2022

Updated Collection: Web API Best Practices w/ How to design REST APIs and The 10 REST Commandments.
December 17^th, 2021

Taking the standard two weeks off to recharge; See you next year! ;-)
June 1^st, 2021

Add Container Queries to Collection: CSS Resources.

Welcome

Jonathan Danylko Hi! Welcome to DanylkoWeb. This is the PERSONAL web site of Jonathan "JD" Danylko where I focus on Microsoft web technologies including ASP.NET using C#, Web Performance, Code Exorcisms (refactorings), and business lessons learned over a period of 30 years of programming.

I've also collected the best ways to learn C#.

If you have any questions, feel free to contact me.

Search

Morning Coffee Link

April 29^th, 2024The Design Philosophy of Great Tables

View All

Be Social

Follow my blog with Bloglovin

Latest Book

Amazon Unbound

By Brad Stone

ISBN: 1398500976 / 978-1398500976

See the latest books I've read at the Reading Corner.