Troubleshooting & Tools for Web

Updated August 2, 2025

Sitemap Generator (XML)

For Google to quickly and easily identify all of the pages of your website, you will want to make an XML sitemap for Google and other search engines access.

An XML sitemap is a plain text XML file which lists all the most important pages across your website. XML sitemaps can be submitted to Google, Bing, and other major search engines to help them discover, crawl, and index your website more easily and effectively.

The more easily search engines can crawl your website, the more likely your rankings are to improve. Learn more about how Google crawls and indexes your website here.

https://www.sureoak.com/seo-tools/google-xml-sitemap-generator

GDPR Compliance

The GDPR applies to organizations, companies, individuals, corporations, public authorities and other entities — including small businesses, charities and nonprofit organizations — that are either based in the EU, offer goods or services (even for free) to people in the EU, or that monitor the behaviour of people in the EU, either directly or as a third party.

This service allows you to create a privacy & cookie policy in minutes, set-up your cookie banner with prior blocking, easily manage consent, maintain compliant processing records and more.

https://www.iubenda.com/en/gdpr

Is a site legit?

https://www.islegitsite.com/

HTTP/2, HTTP/3 and HSTS

Test a website's HTTP/2 support

WebsiteCommand-lineExtended information

Go to this website: https://tools.keycdn.com/http2-test

Use this command in a Terminal. You should see a response like HTTP/2 200 if successful.

curl -I --http2 https://mobilitydata.org/

This command will return more information, look for HTTP/3 in the response.

curl -svILk https://www.mobilitydatabase.org

Test a website's HTTP/3 support

WebsiteCommand-lineExtended information

Go to this website: https://http3check.net

Use this command in a Terminal. You should see a response like HTTP/3 200 if successful.

curl -I --http3 https://mobilitydata.org/

N.B.: You will need a more recent version of curl than the one that comes with macOS in order to use the --http3 flag. You can install it with Brew: brew install curl.

This command will return more information, look for HTTP/3 in the response.

curl -svILk https://www.mobilitydatabase.org

HSTS (HTTP Strict Transport Security)

HSTS, or HTTP Strict Transport Security, is a security mechanism that enforces HTTPS connections for a website, protecting against man-in-the-middle attacks. It instructs browsers to automatically convert HTTP requests to HTTPS, preventing insecure connections and cookie hijacking.

Is HSTS enabled?Check HSTS preload status and eligibility

Verify if HSTS is enabled and the browser preloads content only through HTTPS.

https://domsignal.com/hsts-test

This form is used to submit domains for inclusion in Chrome's HTTP Strict Transport Security (HSTS) preload list. This is a list of sites that are hardcoded into Chrome as being HTTPS only. Most major browsers (Chrome, Firefox, Opera, Safari, IE 11 and Edge) also have HSTS preload lists based on the Chrome list. (See the HSTS compatibility matrix.)

https://hstspreload.org/

SSL / TLS

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic protocols that provide secure communication channels over a computer network, primarily the internet. While SSL is the older protocol, TLS is its more modern and secure successor. Both protocols are used to encrypt data transmitted between a client (like a web browser) and a server, ensuring confidentiality and integrity of the information exchanged.

Testing the qualityTest a browser's supportTest a Website's supprt

This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.

https://www.ssllabs.com/ssltest/

This shows the SSL/TLS capabilities of a browser.

https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html

Check the SSL/TLS setup of your server or CDN

https://www.cdn77.com/tls-test/

IPv6

IPv6 is the newest version of the Internet Protocol (IP), designed to succeed IPv4. It offers a significantly larger address space, improved routing and addressing, and better support for features like mobile devices and the Internet of Things.

Checks IPv6 connectivityWebsite accessibility validator

https://ipv6-test.com/

https://ipv6-test.com/validate.php

WordPress Security Scan

Online WordPress Security Scanner to test vulnerabilities of a WordPress installation. Checks include application security, WordPress plugins, hosting environment, and web server.

https://hackertarget.com/wordpress-security-scan/

Nmap Online Port Scanner

Use Nmap to find open ports on Internet facing systems with this online port scanner.

https://hackertarget.com/nmap-online-port-scanner/

OWASP Web Security Testing Guide

The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals. The WSTG is a comprehensive guide to testing the security of web applications and web services. Created by the collaborative efforts of cybersecurity professionals and dedicated volunteers, the WSTG provides a framework of best practices used by penetration testers and organizations all over the world.

OWASP testing guideOWASP web app scanner for most platforms

https://owasp.org/www-project-web-security-testing-guide/

https://www.zaproxy.org/download/