privacytools.io site fails on mozilla obervatory #151
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#151
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
The site privacytools.io gets an awful score on mozilla oberservatory
https://observatory.mozilla.org/analyze.html?host=www.privacytools.io
Thanks. All the points we lost are because of headers. Not sure whether this can be improved, as we use CloudFlare. @privacytoolsIO can you add headers with CF?
The website also has a bad score on gtmetrix. Prehaps @privacytoolsIO can optimize some of these issues?
Doesn't GH support HTTPS without CF now?
It does but Github cache settings aren't optimal, I think you could better optimize it with CF. Though if CF is seen as a privacy issue, we'd be better of without it.
GitHub's server also scores an F on observatory for similar reasons.
Okay, here you go:
We also score fine on SSL Labs. I don't think Mozilla Observatory is a big deal since we redirect to HTTPS, nor something that we can fix while on GitHub Pages.
We could probably consider implementing HSTS though.
Fixed, we now score an A on Mozilla Observatory and SSL Labs.