Jardin remarquable en Bretagne - Le Jardin de Pellinec
le-jardin-de-pellinec.fr
A comprehensive security and network analysis report for le-jardin-de-pellinec.fr. Server: Apache.
- Primary Port
- 443
- Scan Time
- Shareable Report Link
- https://sechttp.com/scan/le-jardin-de-pellinec.fr
Detailed Security Analysis
Attack Path & DDoS Defense Analysis
Attacker
AS0 (Apache POP)
Your Server
Defense Summary
While Apache provides robust protection against Layer 4 (network-level) attacks, your server remains potentially vulnerable to sophisticated Layer 7 (application-level) attacks that can bypass standard CDN defenses. Additional WAF rules and application-side security measures are recommended.
Layer 4 Defense
Apache provides robust SYN flood, UDP amplification, and volumetric attack protection at the network edge.
Layer 7 Vulnerabilities
Application-layer attacks targeting 1 exposed API endpoints require additional WAF rules and rate limiting.
Server Information Disclosure
LOWINFO-001
Description
The server is disclosing its software type: Apache. This can help attackers identify potential vulnerabilities.
Recommendation
Configure your web server to hide or modify the Server header to prevent information disclosure.
Missing X-Frame-Options Header
MEDIUMSEC-002
Description
The site is not protected against clickjacking attacks.
Recommendation
Add the X-Frame-Options header with value 'DENY' or 'SAMEORIGIN' to prevent clickjacking.
Sensitive Information Exposure in JavaScript
HIGHJS-001
Description
Found 46 potentially sensitive variables exposed in client-side JavaScript code.
Recommendation
Review and remove sensitive information from client-side code. Use environment variables and server-side processing for sensitive data.
Port Scan Results
| Port | Service | Status | Version |
|---|---|---|---|
| 80 | HTTP | CLOSED | - |
| 443 | HTTPS | OPEN | TLS 1.3 |
| 22 | SSH | FILTERED | - |
| 3306 | MySQL | CLOSED | - |
HTTP Headers Analysis
Currently Testing
Peering information is being analyzed.
Currently Testing
Internet Exchange data is being collected.
JavaScript Analysis
Security Analysis Alert
Client-side code analysis has identified potential security vulnerabilities and information disclosure risks.
Exposed JavaScript Variables
Variables exposed in client-side code that may contain sensitive information
API Domain Analysis
External API domains discovered in client-side code
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
External API domains should be validated for proper authentication and rate limiting
Discovered API Endpoints
API endpoints identified through static analysis of client-side code
JavaScript Resources
JavaScript files loaded by the application
Security Recommendations
- • Avoid exposing sensitive variables in client-side code
- • Implement proper API authentication and rate limiting
- • Use environment variables for sensitive configuration
- • Regularly audit client-side code for information leaks
- • Minimize the amount of sensitive data processed on the client side
Historical Scan Records (1)
Jardin remarquable en Bretagne, le Jardin de Pellinec à Penvénan fait partie des plus beaux jardins de France.