administration

below are some sites i use to check on whether a server is being configured correctly

domain / general

• Internet NL
  • tests for IPV6 compatibility, signed domain name, HTTPS, security options, DNSSEC, route authorization
  • complaints:
    • ipv6 connectivity
    • dnssec is not supported by my VPS provider
• Mozilla Observatory - B
  • has HTTP, TLS, and SSH tests - including HSTS, various headers, CORS, etc
  • suggests I set Content-Security-Policy

security

• Security Headers - A
  • I still need to add a Content-Security-Policy
• Immuniweb - A
• CryptCheck - B
  • They suggest improving key exchange related things

ssh

• SSH Audit - tests server configurations related to SSH - encryption ciphers, key exchanges, host key types, message authentication codes
• fail2ban setup tutorial - add fail2ban

performance

• Web Page Test
• Pingdom - simple page optimizations, page load speed/size
• GtMetrix - dom loading, css, overall performance
• Pagespeed - diagnose performance issues, also has notes about accessibility

accessibility

• WAVE: Web Accessibility Evaluation
• Experte Accessibilty Check

---