http-security-headers-mcp
Generate recommended security headers configuration for Apache HTTP servers.
Generate recommended security headers configuration for Cloudflare deployments.
Generate recommended security headers configuration for Express.js applications.
Generate recommended security headers configuration for Next.js applications.
Generate recommended security headers configuration for NGINX web servers.
Generate recommended security headers configuration for Vercel deployments.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@http-security-headers-mcpscan https://example.com for security headers"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
http-security-headers-mcp
Analyze and score HTTP security headers (CSP, HSTS, CORS, cookies) with actionable fix recommendations for web applications.
Tools
Tool | Description |
| Fetch a URL and analyze all security headers. Returns A+ to F grade with findings. |
| Score a set of headers you provide. Returns grade and per-header breakdown. |
| Deep analysis of a Content-Security-Policy header. Detects unsafe sources and bypass risks. |
| Generate recommended security headers config for Express, Next.js, nginx, Apache, Cloudflare, or Vercel. |
Related MCP server: mcp-api-tools
Quick Start
Install from MCPize (Recommended)
npx -y mcpize connect @shakiltousif/http-security-headers-mcp --client claudeOr visit: mcpize.com/mcp/http-security-headers-mcp
Per-client install
Claude: claude mcp add --transport http http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcp
Cursor: cursor mcp add http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcp
Windsurf: windsurf mcp add http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcpJSON Config (manual setup)
{
"mcpServers": {
"http-security-headers-mcp": {
"url": "https://http-security-headers-mcp.mcpize.run/mcp"
}
}
}Run Locally
npm install
mcpize dev # Start dev server with hot reload
mcpize dev --playground # Interactive testing in your browserServer runs at http://localhost:3000/mcp
Development
mcpize dev # Development mode (port 3000, hot reload, loads .env)
npm run build # Compile TypeScript
npm test # Run unit tests (26 tests)
bash test-mcp.sh # MCP protocol smoke test (14 checks)
npm start # Run compiled server (port 8080)Deploy
mcpize login # Authenticate (opens browser)
mcpize deploy # Ship it!Project Structure
src/
index.ts # Express + MCP server setup, tool registration
tools.ts # Pure business logic (header analysis, scoring, CSP parsing)
tests/
tools.test.ts # Unit tests (vitest)
test-mcp.sh # MCP protocol smoke test
mcpize.yaml # MCPize deployment config
Dockerfile # Production container buildLicense
MIT
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/shakiltousif/http-security-headers-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server