Security Check n°12 / 120

Open redirect protection


How TheSiteFuse checks "Open redirect protection"

An open redirect is a flaw that allows an attacker to use a trusted site's URL to redirect visitors to a malicious site. For example: yoursite.com/logout?next=https://evil.com. The visitor sees yoursite.com in the URL and trusts the link, but lands elsewhere.

Real-world impact of "Open redirect protection"

Open redirects are commonly used in phishing attacks: the attacker sends a link that looks legitimate (the URL starts with the real domain) but redirects to a fake bank page or password-stealing site. It's an OWASP Top 10 vulnerability.
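
One way a server can validate the next parameter from the logout example above before redirecting, shown as an added Python example that is not TheSiteFuse's code or any particular site's code. The names safe_redirect_target, ALLOWED_HOSTS and FALLBACK, the "/" default and the sample values are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumptions for this example: the site's own host and a safe default page.
ALLOWED_HOSTS = {"yoursite.com"}
FALLBACK = "/"


def safe_redirect_target(next_value, allowed_hosts=ALLOWED_HOSTS, fallback=FALLBACK):
    """Return next_value only if it stays on this site, else the fallback."""
    if not next_value:
        return fallback
    # Browsers drop tabs/newlines and read "\" as "/", so a value containing
    # them may resolve differently from what the server parsed. Refuse it.
    if "\\" in next_value or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in next_value):
        return fallback
    # Two or more leading slashes make a scheme-relative URL ("//host/...").
    if next_value.startswith("//"):
        return fallback
    try:
        parts = urlsplit(next_value)
        host = (parts.hostname or "").lower()
    except ValueError:  # malformed authority, e.g. an unbalanced "["
        return fallback
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a path rooted at this site.
        return next_value if next_value.startswith("/") else fallback
    if parts.scheme not in ("http", "https"):
        return fallback
    if parts.username is not None or parts.password is not None:
        return fallback  # "user@host" can disguise the real destination
    return next_value if host in allowed_hosts else fallback


if __name__ == "__main__":
    # Constructed sample values for the logout?next= parameter.
    for value in ["/dashboard?tab=1", "https://yoursite.com/account",
                  "https://evil.com", "//evil.com",
                  "https://yoursite.com.evil.com/"]:
        print(f"{value!r:40} -> {safe_redirect_target(value)!r}")
```

The handler then redirects to the returned value, so an off-site next sends the visitor to the site's own default page instead of the external address.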
