Free Tool

Site Health Check

An instant technical check-up for any website: is it up, is the SSL certificate valid, how fast does it respond, and are key security headers present.

This is a one-time, on-demand check, not continuous uptime monitoring. Run it again any time you want a fresh reading.

What does a site health check actually look at?

This tool checks the technical fundamentals that sit underneath everything else on your site: whether DNS resolves correctly, whether the SSL certificate is valid and not close to expiring, how quickly the server responds to a request, and whether key security headers (like a Content-Security-Policy or Strict-Transport-Security header) are present. None of this is visible in the browser during normal use, but each one affects trust signals, security, and, in the case of response time, how search engines and visitors experience the site.

Why does an expiring SSL certificate matter so much?

A certificate that lapses does not just show a small padlock warning: modern browsers block the page entirely with a full-screen interstitial warning, and most visitors will not click through it. Search engines also treat HTTPS as a ranking signal and a broken certificate can affect crawling. Certificates typically renew automatically through the hosting provider, but renewal can silently fail after a DNS change, a server migration, or a lapsed payment method, which is exactly the kind of problem this check catches before a visitor does.

Mozilla's guide to HTTP security headers

Common questions

Is this the same as uptime monitoring?

No. This is a single, on-demand snapshot of your site right now, not a service that watches your site continuously and alerts you the moment it goes down. If you need that kind of always-on monitoring, this tool is a good complement to it, not a replacement.

What counts as a slow response time?

As a rough guide, a server response well under 200ms is fast, up to around 600ms is acceptable for most sites, and consistently over a second usually points to a server, hosting, or database problem worth investigating, independent of how fast the page itself then renders in the browser.

Which security headers actually matter?

Strict-Transport-Security (forces HTTPS on every future visit), Content-Security-Policy (restricts what scripts and resources a page is allowed to load), and X-Content-Type-Options are the three most commonly missing and most worth adding. None of them require a rebuild: they are configuration changes at the server or CDN level.