About ComputerBas
Creator of SecurityHeaders.nl & CheckTLS.nl
About the tools
SecurityHeaders.nl and CheckTLS.nl give insight into the security of any website. Enter a domain and see what’s missing, why it matters, and how to fix it.
Security header checker
SecurityHeaders.nl
TLS configuration scanner
CheckTLS.nl
AI agent platform
Antigravity AI
Documentation
ComputerBas Docs
Documentation
ComputerBas Docs Walkthrough
Documentation
ComputerBas Docs Walkthrough 2
My security tools
What does each tool check — and what should you do with the results?
SecurityHeaders.nl
Enter any domain and receive an instant letter grade (A++ to F) with a per-header breakdown that shows exactly what is missing or misconfigured. Found an issue? The documentation walks you through fixing it step by step.
- Content-Security-Policy (CSP) — Prevents cross-site scripting and data injection
- Strict-Transport-Security (HSTS) — Forces HTTPS and enables preload eligibility
- X-Frame-Options — Blocks clickjacking attacks
- X-Content-Type-Options — Stops MIME-type sniffing
- Referrer-Policy — Hides which page a visitor came from when following external links
- Permissions-Policy — Restricts access to browser APIs (camera, mic, etc.)
- Cross-Origin headers (COEP, COOP, CORP) — Prevents other websites from loading or reading your content
- Origin-Agent-Cluster & Clear-Site-Data — Isolates your browser tab and clears cookies and cache on sign-out
CheckTLS.nl
A deep TLS/SSL scanner that tests every aspect of a server's encryption setup and highlights anything that falls short of current best practices. The accompanying documentation shows how to configure your server correctly.
- Protocol support — TLS 1.3 & 1.2 (pass), TLS 1.1 & 1.0 (should be disabled)
- Weak cipher suites — Flags export-grade or deprecated ciphers
- Perfect Forward Secrecy (PFS) — Session keys stay safe if the private key leaks
- Certificate validity & chain — Expiry, trust chain, hostname match
- HSTS & preload status — Whether the domain is in browser preload lists
- OCSP Stapling — Reduces certificate revocation lookup latency
- CAA DNS record — Controls which CAs may issue for the domain
- Vulnerability detection — BEAST, POODLE, Heartbleed, ROBOT and more
- Post-quantum ciphers (ML-KEM) — Detects support for quantum-resistant key exchange (X25519MLKEM768)
Other projects
Antigravity AI
Guides and workflows for AI agents, prompt engineering and automated development.
Documentation
Comprehensive server hardening guides: Debian, SSH, SSL/TLS, HTTP security headers, Postfix, Firewall (nftables), DNS security (DNSSEC, CAA) and more.
Certified scores
Both tools run on servers that achieve the highest scores on every independent security benchmark.
Get in Touch
Find the source code on GitHub or connect with me about IT security and AI.
