SEAES Infrastructure Security Report

Scanned on April 4, 2026 — 8 domains analyzed
Overall Score: 87/100 (Grade B+)
Domains Scanned: 8 (all production endpoints)
Total Findings: 35 (across all domains)
Severity Breakdown: 0 Critical, 6 High, 13 Medium, 16 Low
🔒 SSL & DNS Status

🔐 SSL / TLS Certificates

Protocol: TLSv1.3 (all domains)
Issuer: Let's Encrypt / Google Trust Services
Expiry: 68–74 days remaining
Status: ✓ All valid

🌐 DNS Security

SPF (seaes.ai): ✓ Configured
DMARC (seaes.ai): ✓ Configured
DNSSEC: Not verified
🌎 Per-Domain Results
🛠 Remediation Plan

High Priority

ping.seaes.ai, erp.seaes.ai
Add HTTP → HTTPS redirect.
In Cloudflare: Page Rules → Always Use HTTPS.
Or on origin nginx: return 301 https://$host$request_uri;
ping.seaes.ai, erp.seaes.ai, finguard.seaes.ai
Add Strict-Transport-Security header.
In Cloudflare → SSL/TLS → Edge Certificates → Enable HSTS.
Or nginx: add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains' always;

Medium Priority

ping.seaes.ai, erp.seaes.ai, finguard.seaes.ai, table.seaes.in
Add missing security headers: X-Frame-Options, X-Content-Type-Options, Content-Security-Policy, Referrer-Policy, Permissions-Policy.
Add these headers in nginx server block or via Cloudflare Transform Rules.
accounts.seaes.ai
Fix HTTP redirect to include https:// scheme.
The current redirect points to /login without the scheme, causing a protocol downgrade.
table.seaes.in
Set cookie security flags on csrftoken.
Configure: csrftoken=value; Secure; HttpOnly; SameSite=Lax

Low Priority

vox.seaes.ai
Hide nginx version in Server header.
Add server_tokens off; to nginx.conf to stop leaking nginx/1.20.1.
seaes.ai, rank.seaes.ai
Add X-XSS-Protection header.
In nginx: add_header X-XSS-Protection "1; mode=block" always; or set the header via Cloudflare Transform Rules.