Test it here
Goal | Done | Justification |
---|---|---|
Images are served in modern, efficient formats (AVIF, WebP). Smaller footprint, faster load times | ✓ | Each image is displayed using the “picture” tag, and has 2 versions available: WebP and AVIF. JPEG is removed now that the latest versions of all major browsers support WebP. |
Images are obsessively compressed to reduce page size. Smaller footprint, faster load times | ✓ | Lossy compression was used when converting images |
The website doesn’t use any embedded fonts. Smaller footprint, faster load times | ✓ | Zero fonts |
The website avoids the use of JavaScript and JavaScript frameworks. Smaller footprint, faster load times | ✓ | Zero scripts |
The quantity of code (HTML/CSS) is reduced to the minimum. Smaller footprint, faster load times | ✓ | |
The code is aggressively minimized. Smaller footprint, faster load times | ✓ | |
The website does not implement code to support old/deprecated browsers. Smaller footprint, faster load times | ✓ | |
Goal | Done | Justification |
---|---|---|
The website only serves content using HTTPS | ✓ | HTTP > HTTPS redirection is in place. |
TLS 1.3 is used to ensure the best possible security | ✓ | Test it here |
Old versions of TLS/SSL are disabled (<= TLS 1.2) | ✓ | Test it here |
DNSSEC is enabled | ✓ | Test it here |
HSTS is enabled | ✓ | Test it here |
HSTS preloading is enabled and active on all major browsers | ✓ | Test it here |
DNS CAA policy is deployed | ✓ | Test it here |
The server key uses Elliptic Curve | ✓ | Test it here |
The website has a strong Content Security Policy and maintains a score of A+ on Mozilla’s Observatory test | ✓ | Score of 130/100. Test it here |
The website uses a firewall to reject bot requests and suspicious requests. Reducing bad requests = less energy used | ✓ | Cloudflare |
The website is protected against DDoS attacks. Reducing bad requests = less energy used | ✓ | Cloudflare |
This website offers a security.txt file. A standard that makes it easy to contact me to report a security vulnerability | ✓ | Follows the proposed RFC standard. Link is also displayed in the footer of the website. |
Goal | Done | Justification |
---|---|---|
The website passes all tests on the Blacklight Website Privacy Inspector | ✓ | Test it here |
This website offers a strong Privacy Policy to its visitors | ✓ | This website’s privacy policy is based on the GDPR principles. It also explains how I process my customers’ personal information outside this website. |
This website was built using open-source software only.