Existing website risks:
Website Risks
-http://norwii.com
failed
Insecure SSL/TLS versions available
Any version of the SSL protocol, and TLS prior to version 1.2, are now considered insecure.
The server should disable support for these old protocols.
failed
HTTP Strict Transport Security (HSTS) not enforced
Without HSTS enforced, people browsing this site are more susceptible to man-in-the-middle attacks. The server should be configured to support HSTS.
Email Security
-http://norwii.com
failed
DMARC policy not found
DMARC policy was not found. This makes it easier for attackers to send email from this domain.
A DMARC policy should be deployed for this domain.
failed
SPF policy uses ~all
Sender Policy Framework (SPF) record is too lenient as to which domains are allowed to send email on the domain's behalf.
This record should preferably not use the ~all mechanism, as this does not instruct the mail receiver to reject messages from unauthorised sources. When DMARC is not being enforced, -all should be used on the SPF record.
polonus