Hacker News new | past | comments | ask | show | jobs | submit login

Maybe you can add HTTP2/SPDY detection too. BTW your HSTS test does not verify if the format/syntax is correct.


These are all good but I would include the following:

Qualys SSL Server Test - The first site I use.

testssl.sh - for behind the fireware testing

https://tls.imirhil.fr/ - this one is nice because it shows the ciphers used/avail broken down by TLS version. I have not seen any other site do this.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact