Security report for macclark.io
Free passive scan · WAF/CDN, security headers, TLS, server exposure
F
macclark.io
Security score 9/100 · No WAF/CDN detected
What we found
No WAF or CDN detectedHigh
The origin appears directly exposed — no edge firewall filtering OWASP Top 10 attacks, bad bots, or malicious IPs.
Missing HSTSMedium
The HSTS response header is not set.
Missing Content-Security-PolicyMedium
The Content-Security-Policy response header is not set.
Missing X-Frame-OptionsMedium
The X-Frame-Options response header is not set.
Missing X-Content-Type-OptionsLow
The X-Content-Type-Options response header is not set.
Missing Referrer-PolicyLow
The Referrer-Policy response header is not set.
Missing Permissions-PolicyLow
The Permissions-Policy response header is not set.
Server version disclosedLow
The Server header reveals "Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.22", helping attackers target known CVEs.
End-of-life softwareHigh
The origin appears to run an end-of-life Apache build, which no longer receives security patches.
macclark.io has no WAF/CDN in front of it, end-of-life server software and 6 missing security headers — all of which a managed AWS WAF would close.
Protect macclark.io — $150/mo, fully managedWant your own report? Scan your site free →