Practical Security Guides For Your Team
Clear, non-alarmist guidance for real web vulnerabilities so your team can prioritize fixes confidently.
Email Domain Not Protected Against Impersonation
mediumYour domain has a DMARC record, but it's set to 'monitor only' — meaning it watches for suspicious email activity but takes no action to stop it. Anyone can currently send emails that appear to come from your domain, and those emails will land in recipients' inboxes unchallenged. Think of it like having a security camera but no lock on the door.
Expired Security Certificate Is Blocking Visitors and Breaking Trust
immediateYour website's security certificate has expired. Think of it like an ID badge with a past-due date — browsers check this badge every time someone visits, and when it's expired, they show a full-screen warning telling visitors your site is unsafe. Most people will leave immediately rather than click through.
Outdated Encryption Protocol (TLS 1.0) Leaves Connections Exposed
mediumYour server still supports TLS 1.0, an old encryption standard from 1999 that has a known weakness called BEAST. Think of it like a lock on your front door that was recalled years ago — it still works most of the time, but security experts have shown it can be picked under the right conditions. Modern browsers and servers have largely worked around this flaw on their end, but the safest fix is to retire the old protocol on your server entirely.