privacytools.io site fails on mozilla obervatory #151
Reference in New Issue
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
The site privacytools.io gets an awful score on mozilla oberservatory
https://observatory.mozilla.org/analyze.html?host=www.privacytools.io
Thanks. All the points we lost are because of headers. Not sure whether this can be improved, as we use CloudFlare. @privacytoolsIO can you add headers with CF?
The website also has a bad score on gtmetrix. Prehaps @privacytoolsIO can optimize some of these issues?
Doesn't GH support HTTPS without CF now?
It does but Github cache settings aren't optimal, I think you could better optimize it with CF. Though if CF is seen as a privacy issue, we'd be better of without it.
GitHub's server also scores an F on observatory for similar reasons.
Okay, here you go:
We also score fine on SSL Labs. I don't think Mozilla Observatory is a big deal since we redirect to HTTPS, nor something that we can fix while on GitHub Pages.
We could probably consider implementing HSTS though.
Fixed, we now score an A on Mozilla Observatory and SSL Labs.