WordPress Surface Scan
External security assessment without installing anything. Check SSL, security headers, and visible risks. Understand your WordPress security posture in 30 seconds.
No Installation
External scan checks what's publicly visible. No plugin required.
28 of 58 Controls
Surface scans check SSL, headers, and external security signals.
Assessment, Not Enforcement
We show you risks. You decide what to fix and when.
What Surface Scan Checks
External assessment covering publicly visible security and trust signals.
SSL & Trust
HTTPS configuration, certificate validity, trust indicators visible to visitors.
Security Headers
HTTP headers that protect against common attacks: CSP, X-Frame-Options, HSTS.
WordPress Detection
Version detection, exposed admin paths, publicly visible configuration issues.
CDN & Firewall
Detection of CloudFlare, Sucuri, Wordfence, and other protection layers.
Want the full picture?
Install the free WordPress plugin to check plugin vulnerabilities, user security, backups, and 30 additional controls.