Myer

myer.com.au

Melbourne, VIC

Retail

Australian department store chain

Security Score

85/100

Good security posture with minor improvements possible. Strong in: dns, tls, headers, files, general.

Scanned about 1 hour ago

Is this your business?

Claim this page to get detailed reports, request re-scans, and manage your profile.

Missing HSTS header

MEDIUM

TLS

HTTP Strict Transport Security is not enabled.

Recommendation: Add the Strict-Transport-Security header to enforce HTTPS.

Missing CAA records

LOW

DNS

No CAA records found. CAA records specify which CAs can issue certificates.

Recommendation: Add CAA records to restrict certificate issuance to trusted CAs.

Missing Referrer-Policy

LOW

HEADERS

No Referrer-Policy header found.

Recommendation: Add a Referrer-Policy header (e.g., strict-origin-when-cross-origin).

Missing Permissions-Policy

LOW

HEADERS

No Permissions-Policy header found.

Recommendation: Add a Permissions-Policy header to control browser features.

X-Powered-By header present

LOW

HEADERS

Technology stack disclosed: Next.js

Recommendation: Remove the X-Powered-By header to hide technology stack.

No security.txt found

LOW

FILES

No security.txt file was found. This file helps security researchers contact you.

Recommendation: Add a security.txt file at /.well-known/security.txt per RFC 9116.

Email authentication configured

INFO

DNS

SPF, DMARC, and DKIM are all configured for this domain.

Good security headers

INFO

HEADERS

Essential security headers (CSP, X-Frame-Options, X-Content-Type-Options) are configured.

No robots.txt found

INFO

FILES

No robots.txt file was found at the root.

Recommendation: Consider adding a robots.txt file to control crawler behavior.