Skip to main content
All Security Reports

Substack

substack.com

Report Coming Soon

We're preparing a detailed security report for substack.com. In the meantime, you can scan it yourself for free.

Scan substack.com Now

What We Check on Substack

TLS / HTTPS Security

We verify that substack.com uses HTTPS with a valid TLS certificate, modern cipher suites, and proper HSTS configuration to protect data in transit.

Security Headers

We check whether substack.com sends critical headers like Content-Security-Policy, X-Frame-Options, and Permissions-Policy to defend against XSS and clickjacking.

Content Security

We scan substack.com for mixed content, vulnerable JavaScript libraries, exposed admin panels, and information disclosure risks.

DNS & Email Security

We validate SPF, DKIM, and DMARC records for substack.com, check DNSSEC, and test for subdomain takeover vulnerabilities.

Scan Your Own Website

See how your site compares to Substack. Run a free security scan with 58 checks and get actionable fix instructions.

Start Free Scan

More Media & News Security Reports

The New York Times

nytimes.com

BBC

bbc.com

CNN

cnn.com

The Guardian

theguardian.com

Medium

medium.com

Spotify

spotify.com