Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BURL Variantswww/non-www, trailing slash, HTTP→HTTPSREVIEW
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
Consistent
BTLS Certificate Expiry & Recommendations36 days until leaf cert expires — 5 issues to addressREVIEW
Certificate validity
Recommended actions
- Extend HSTS max-age to at least 31536000 (1 year) to meet the preload list criteria
- Add includeSubDomains to the HSTS directive
- Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryCloudflareREVIEW
A+DNS Records2 A records, 13 ms lookupPASS
| A | 172.66.172.177, 104.20.41.81 |
| AAAA | 2606:4700:10::ac42:acb1, 2606:4700:10::6814:2951 |
| CNAME | — |
| NS | izabella.ns.cloudflare.com, sonny.ns.cloudflare.com |
| MX | 10 d231451.a.ess.uk.barracudanetworks.com 11 d231451.b.ess.uk.barracudanetworks.com |
| TXT | 2Z5eQB7UMLWrW2ycQUz7RwtCq7vDfRiv3bFFLw3gWgWwgds46G8W6xomdw/TfQiSW7Ug1q30x+0r3tRU... ZOOM_verify_iBrbuPUhCGG61aQcOlYz3K _globalsign-domain-verification=NLspY-kqOjOQRMz5WENArvZlazBwZVBvwdLjuWMUK9 apple-domain-verification=7MOXukBAdOTcL16y facebook-domain-verification=8rxgufrjnmm08rnfosf5ers9d1q7a5 fastly-domain-delegation-kafgkjdfgjkdfg-30092019 jamf-site-verification=jR0i9ed60-NW776t5jGggw mandrill_verify.3BPxq1ZqVDG4MwKGWN879Q samsung-domain-verification=611c27d5-5a51-4a4a-8803-37cf12177136 smartsheet-site-validation=0Z2ejr4TdKtO29JG_qEnCg_uXmbnXWcv taegis-domain-verification=f96306edef0abc88ff8dc5574423426587feca6ecb5b94babcacf... teamviewer-sso-verification=b9d56a01a90b4416bab354e546bbe45f SPF v=spf1 include:spf.protection.outlook.com include:outboundmail.blackbaud.net inc... |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 81 ms totalPASS
https://britishmuseum.org
22 ms · HTTP/1.1
https://www.britishmuseum.org/
59 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://britishmuseum.org | 301 | 22 ms | HTTP/1.1 | cloudflare |
| 2 | https://www.britishmuseum.org/ | 200 | 59 ms | HTTP/1.1 | cloudflare |
See the visual redirect chain in the HTTP Probe tab →
A+IPv6 ReadinessIPv6 reachable (1 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 1126 URLsPASS
Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.
robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.
Source: sitemaps.org
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites like Yahoo!
# and Google. By telling these "robots" where not to go on your site,
# you save bandwidth and server resources.
#
# This file will be ignored unless it is at the root of your host:
# Used: http://example.com/robots.txt
# Ignored: http://example.com/site/robots.txt
#
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/robotstxt.html
User-agent: *
Crawl-delay: 20
# CSS, JS, Images
Allow: /core/*.css$
Allow: /core/*.css?
Allow: /core/*.js$
Allow: /core/*.js?
Allow: /core/*.gif
Allow: /core/*.jpg
Allow: /core/*.jpeg
Allow: /core/*.png
Allow: /core/*.svg
Allow: /profiles/*.css$
Allow: /profiles/*.css?
Allow: /profiles/*.js$
Allow: /profiles/*.js?
Allow: /profiles/*.gif
Allow: /profiles/*.jpg
Allow: /profiles/*.jpeg
Allow: /profiles/*.png
Allow: /profiles/*.svg
# Directories
Disallow: /core/
Disallow: /profiles/
# Files
Disallow: /README.txt
Disallow: /web.config
# Paths (clean URLs)
Disallow: /admin/
Disallow: /comment/reply/
Disallow: /filter/tips
Disallow: /node/add/
Disallow: /search/
Disallow: /user/register/
Disallow: /user/password/
Disallow: /user/login/
Disallow: /user/logout/
# Paths (no clean URLs)
Disallow: /index.php/admin/
Disallow: /index.php/comment/reply/
Disallow: /index.php/filter/tips
Disallow: /index.php/node/add/
Disallow: /index.php/search/
Disallow: /index.php/user/password/
Disallow: /index.php/user/register/
Disallow: /index.php/user/login/
Disallow: /index.php/user/logout/
# Stop Google Crawling Search
Disallow: /search*
# Stop bots crawling exhibition and events facets
Allow: /exhibitions-events/past-exhibitions/
Allow: /exhibitions-events/past-exhibitions/*
Allow: /exhibitions-events/see-everything/
Disallow: /exhibitions-events/*
# Allow BM’s accessibility auditor to crawl the entire site.
User-agent: PowerMapper
Allow: /
- https://www.britishmuseum.org/blog/what-book-dead
- https://www.britishmuseum.org/blog/what-role-and-value-crafts-today
- https://www.britishmuseum.org/blog/horses-and-human-history
- https://www.britishmuseum.org/blog/virtual-autopsy-discover-how-ancient-egyptian-gebelein-man-died
- https://www.britishmuseum.org/blog/decoding-anglo-saxon-art
A+HTTP Probe TimingTotal 22 ms — DNS, TCP, TLS, TTFB, content transfer breakdownPASS
Connection waterfall
Domain IntelligenceDomain intelligence data not availableINFO
RDAP and WHOIS lookup both failed