BENCHMARK — INDIVIDUAL ENTRY
Ottawa
ottawa.ca
SCORE
63/100
GRADE
D
STACK
Custom / non-WordPress
§ I — FINDINGS BY SEVERITY01 / 03
critical
0
high
0
medium
2
low
7
info
3
§ II — SUBJECT FILE02 / 03
- target.host
- ottawa.ca
- tech
- Custom / non-WordPress
- tls
- HTTPS reachable
- hsts
- not set
- spf
- strict
- dmarc
- p=reject
- domain.registered
- 2002-05-07 (23y)
- domain.registrar
- Webnames.ca Inc.
- domain.expires
- 2034-05-02 (2919d)
- civic-data
- ESRI Hub @ open.ottawa.ca, ESRI Hub @ open.ottawa.ca, ESRI Hub @ open.ottawa.ca
- civic-pages
- 7/7 categories present
- trackers
- 1 external origins (0 known, 1 unclassified)
- cookies
- 0/1 hardened
§ III — TOP FINDINGS03 / 03
- medium
No HSTS — HTTPS is not enforced for returning visitors
- medium
No Content-Security-Policy
- low
No X-Content-Type-Options: nosniff
- low
No X-Frame-Options or CSP frame-ancestors
- low
Admin login (/wp-login.php) on the public path
NEXT STEP