Security Center

Security Center

Windows used to greet you with three green shields. Here is the honest version for this site: what actually guards it, and what each layer really does.

Firewall ON
Cloudflare edge. Every request hits Cloudflare's network before it reaches the origin, so the edge filters traffic, terminates TLS, and absorbs DDoS attempts before they get near me. You reached this page through colo CMH over HTTP/2, TLSv1.3.
Automatic Updates ON
Deploy-time delivery. Every deploy purges the edge, shared assets carry short revalidating caches, and pages ship origin-fresh, so a return visit picks up changes without a hard reload and there is no second cache to go stale. (A service worker used to do this job; it retired in v136 because the platform now covers it.) See the recent installs in Windows Update.
Threat & identity protection ON
Bot management and Web Bot Auth. Cloudflare scores incoming bots. This site signs its own crawler's outbound requests per RFC 9421 and publishes the key at /.well-known/http-message-signatures-directory, so a site receiving a request can verify it really came from here.

Header & transport details

Content-Security-Policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests
Permissions-Policy
camera, microphone, geolocation, USB, FLoC + 10 more: all denied
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
DNSSEC
signed (ECDSAP256SHA256, DS at the registrar)
Content Signals
search, ai-input, ai-train: all yes (deliberately open)
This connection
HTTP/2 · TLSv1.3

Read-only, nothing logged or stored. System Properties shows what your specific request revealed.