Security Headers Monitoring

Ensure your HTTP security headers stay configured.

Start Monitoring Free← All Monitor Types

Security headers monitoring checks that critical HTTP response headers are present and configured. Missing headers are a common source of security vulnerabilities caught in penetration tests and compliance audits.

How it works

Uptrue sends a HEAD request to your URL and checks for the presence of six key security headers: Strict-Transport-Security, Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy.

What Uptrue checks

Strict-Transport-Security (HSTS)
Content-Security-Policy (CSP)
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy

Alert conditions

One or more required security headers are missing
No security headers found (critical)
Why this matters

Security headers prevent clickjacking, XSS, MIME sniffing, and data leakage. CDN configuration changes, framework updates, or reverse proxy changes can strip them silently.

Set up in 60 seconds
Free plan · 3 monitors · No credit card required
Get Started Free →
Got questions?

Frequently asked questions

Everything you need to know about Uptrue — no fluff.

Which headers do you check?
HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy.
Each header present adds points. Missing any header triggers a degraded status. Missing all triggers a critical alert.
Related Monitor Types
SSL Certificate MonitoringSPF / DMARC MonitoringHTTP/HTTPS Uptime Monitoring

Ready to set up Security Headers Monitoring?

Join teams who monitor their infrastructure with Uptrue. Free plan, no credit card required. Want to spot-check first? Run our free security headers checker.

Start Monitoring Free