Website Security Test of lps.go.id

Executive Summary for lps.go.id

• Web Software Security Test
  3 third-party web software dependancies were identified, including one outdated dependancy. No known vulnerabilities were detected. No Content Management System (CMS) was identified. The following CMS components, JS-libraries or frameworks were identified: jquery-migrate, jquery, lazysizes. Show details.
• GDPR Compliance Test
  No obvious GDPR-related compliance issues were detected across Privacy Policy, Website Security, TLS Encryption, Cookie Protection, Cookie Disclaimer. Show details.
• PCI DSS Compliance Test
  No obvious PCI DSS compliance issues were detected for Requirements 6.3 and 6.4. Show details.
• HTTP Headers Security Test
  Issues were identified with key security header misconfigured Content-Security-Policy. Optional HTTP headers appear to be properly configured: Server, Permissions-Policy, Referrer-Policy, Cache-Control, X-Permitted-Cross-Domain-Policies, Cross-Origin-Resource-Policy (CORP), Cross-Origin-Opener-Policy (COOP), Cross-Origin-Embedder-Policy (COEP). Deprecated HTTP headers detected: X-XSS-Protection. Show details.
• Content Security Policy (CSP) Test
  Content-Security-Policy is enforced and appears to be properly configured. A report-only Content-Security-Policy is not present. Show details.
• Cookies Privacy and Security Test
  One detected cookie appears to be properly configured from a security perspective. Show details.
• External Content Security Test
  One external request detected; the request failed. Show details.
• Protection from Data Scraping Test
  8 robots.txt rules, 11 User-Agent blocks and 9 bot protection mechanisms detected. No protection detected via meta restrictions. Show details.
• DNSSEC Configuration Test
  2 DNS A records detected; DNSSEC signatures are present and fully validated. Show details.