Sonic Healthcare

Healthcare
Security Score: F (52/100)

Poor security posture. Critical issues require immediate attention. 1 critical issue found. 1 high severity issue found.

Scanned 5 days ago

No SSL/TLS
CRITICAL
TLS

The site does not support HTTPS connections.

Recommendation: Enable HTTPS with a valid SSL certificate.

Missing Content-Security-Policy
HIGH
HEADERS

No Content-Security-Policy header found. CSP helps prevent XSS attacks.

Recommendation: Implement a Content-Security-Policy header.

Missing X-Frame-Options
MEDIUM
HEADERS

No X-Frame-Options header found. This allows the site to be framed.

Recommendation: Add X-Frame-Options: DENY or SAMEORIGIN header.

Missing X-Content-Type-Options
MEDIUM
HEADERS

No X-Content-Type-Options header found.

Recommendation: Add X-Content-Type-Options: nosniff header.

Missing CAA records
LOW
DNS

No CAA records found. CAA records specify which CAs can issue certificates.

Recommendation: Add CAA records to restrict certificate issuance to trusted CAs.

Missing Referrer-Policy
LOW
HEADERS

No Referrer-Policy header found.

Recommendation: Add a Referrer-Policy header (e.g., strict-origin-when-cross-origin).

Missing Permissions-Policy
LOW
HEADERS

No Permissions-Policy header found.

Recommendation: Add a Permissions-Policy header to control browser features.

No security.txt found
LOW
FILES

No security.txt file was found. This file helps security researchers contact you.

Recommendation: Add a security.txt file at /.well-known/security.txt per RFC 9116.

Email authentication configured
INFO
DNS

SPF, DMARC, and DKIM are all configured for this domain.

No robots.txt found
INFO
FILES

No robots.txt file was found at the root.

Recommendation: Consider adding a robots.txt file to control crawler behavior.