Wesfarmers
Moderate security posture. Several improvements recommended. 1 high-severity issue found. Strong in: DNS, TLS, files, general.
The server does not support TLS 1.2 or 1.3.
Recommendation: Enable TLS 1.2 and TLS 1.3 support.
No X-Content-Type-Options header found.
Recommendation: Add X-Content-Type-Options: nosniff header.
No CAA records found. CAA records specify which CAs can issue certificates.
Recommendation: Add CAA records to restrict certificate issuance to trusted CAs.
No Referrer-Policy header found.
Recommendation: Add a Referrer-Policy header (e.g., strict-origin-when-cross-origin).
No Permissions-Policy header found.
Recommendation: Add a Permissions-Policy header to control browser features.
The Server header reveals version information: Microsoft-IIS/10.0
Recommendation: Configure the server to hide version information.
Technology stack disclosed: ASP.NET
Recommendation: Remove the X-Powered-By header to hide technology stack.
No security.txt file was found. This file helps security researchers contact you.
Recommendation: Add a security.txt file at /.well-known/security.txt per RFC 9116.
SPF, DMARC, and DKIM are all configured for this domain.
HSTS is not applied to subdomains.
Recommendation: Consider adding includeSubDomains to HSTS if applicable.
No robots.txt file was found at the root.
Recommendation: Consider adding a robots.txt file to control crawler behavior.