Learn·No jargon. No pitch. No filler.

Security guides written
so operators can act.

Each guide covers one check that appears in a CQwerty Shield report. Read once, ship the fix, move on.

What is DMARC, in operator terms.

How email authentication blocks phishing aimed at your domain. Why p=none is not coverage. The exact policy ladder Cora drafts.

Read

SPF records, end to end.

Which mail servers are allowed to send from your domain, and what happens to senders that drift outside the record.

Read

Web

TLS grades, decoded.

What A+, B, C, F actually mean for users and uptime. The common misconfigurations that drop a grade overnight.

Read

Web

HTTP security headers, explained.

CSP, HSTS, X Frame Options, the lot. The invisible response headers that block clickjacking, XSS, and content injection.

Read

Web

Header deep dive.

Practical configurations for HSTS, CSP, X Frame Options, X Content Type Options, Referrer Policy, Permissions Policy.

Read

SPF, DKIM, DMARC working together.

Each protocol covers a different gap. Verifying the chain, plus MTA STS and BIMI for advanced posture.

Read

Web

TLS certificates, fully covered.

How certs work, DV vs OV vs EV, certificate chains, common errors and the exact fix for each.

Read

Infrastructure

DNS security, full guide.

Record types, DNSSEC, DoH and DoT, common attacks like cache poisoning, and the practices that close them.

Read

Infrastructure

WHOIS and domain registration.

How WHOIS state affects security. Domain expiry, privacy, registrar locks, hijack prevention.

Read

Reference

Operator security checklist.

TLS, headers, email auth, DNS, cookies, monitoring. Tickable, copy ready, kept in sync with the scanner.

Read

Read once. Run the scan.

Every guide aligns with a check Cora runs. Submit a domain and see which checks pass before you finish reading.

Browse the blog

Security guides writtenso operators can act.

What is DMARC, in operator terms.

SPF records, end to end.

TLS grades, decoded.

HTTP security headers, explained.

Header deep dive.

SPF, DKIM, DMARC working together.

TLS certificates, fully covered.

DNS security, full guide.

WHOIS and domain registration.

Operator security checklist.

Read once. Run the scan.

Security guides written
so operators can act.