isitready.dev
Start free scan

Security

Web Bot Auth

Web Bot Auth is one of the public readiness signals included in isitready.dev reports.

Run a free auditBrowse checks

What we check

How the scan observes this signal.

During a scan, isitready.dev looks at the public evidence for web bot auth and records the result on the report card so teams can prioritise fixes without reverse-engineering the check.

Why it matters

Why this shows up on the report card.

Signed bot identity helps receiving sites verify agent traffic without relying on spoofable user-agent strings.

How to improve

Steps in the remediation brief.

  1. Expose the signal on the canonical public origin.

  2. Link it from discovery surfaces such as robots.txt, sitemap.xml, HTML head metadata, or HTTP Link headers where appropriate.

  3. Re-run the scan and confirm the evidence row now reports a passing or informational status.

Related checks

Keep reading inside Security.

Security

HSTS header

Strict transport policy prevents insecure downgrade paths after a browser has seen the site.

Security

Content Security Policy

CSP reduces script injection blast radius and documents trusted execution surfaces.

Cookie choices

Strictly necessary cookies keep the service running. Analytics cookies help us understand which pages and scan flows need work.