Free Online Health Check — no login required
How healthy is your company’s tech?
Enter your domain. Sixty seconds later: a letter grade and your top five fixes. Free, no login — we only look at your public surface.
target yourcompany.com · public-surface checks only — DNS, mail authentication & security headers
- DNS hygieneNS + MX consistent · no dangling CNAMEs
- Email security: SPF · DKIM · DMARCSPF found · DKIM found · DMARC missing
- TLS / certificate configcert valid · TLS 1.0 still accepted
- Web performance & Core Web VitalsLCP 4.1 s · 3.8 MB images on homepage
- Microsoft 365 / cloud posture signalsM365 tenant found · MX → Exchange Online
5 / 5 checks complete · results below
Since 1996Microsoft PartnerHouston, TXEnglish & 日本語
— real, current results for your domain.
scannedYour online health check — yourcompany.com
Solid foundation. Two urgent gaps.
Category grades
Bar length tracks the grade.
- Email securityD+Weak SPF/DKIM/DMARC lets attackers spoof your domain in phishing sent to your clients.Learn more · dmarc.org
- TLS / certificatesBHTTPS/TLS protects data in transit — a baseline for trust and search ranking.Learn more · Cloudflare
- DNSB+Clean, signed DNS keeps mail deliverable and resists tampering.Learn more · Cloudflare
- Web performanceC+Faster, compressed, mobile-friendly pages convert better and rank higher.Learn more · web.dev
- Cloud postureBA modern, well-configured mail platform reduces spoofing and delivery problems.Learn more · CISA
Red marks the category dragging the grade down.
Top 5 fixes
Plain English, priced in effort — not jargon.
- UrgentDMARC record missing — your domain is spoofable
Nothing tells the world’s mail servers to reject email that fakes your name. Criminals use exactly this gap to send “invoices” as you. One DNS record starts closing the door.
effort: 1 hrWhy it matters: Learn more
- UrgentTLS 1.0 still enabled
The server accepts an encryption protocol retired in 2020. Modern browsers negotiate better — attackers deliberately ask for the weak one. Switch it off in the host or load-balancer settings.
effort: 1 hrWhy it matters: Learn more
- SoonImages uncompressed on the homepage
3.8 MB of imagery loads before the headline does. Converting to modern formats typically cuts page weight by two-thirds, speeds up first paint, and helps search rankings.
effort: half-dayWhy it matters: Learn more
- SoonSPF too permissive
effort: 1 hrv=spf1 include:spf.protection.outlook.com +all
That +all at the end approves every mail server on earth as a legitimate sender for your domain. Change it to -all so only your real servers pass.Why it matters: Learn more
- PlanNo security.txt
A tiny public file that tells security researchers how to report a vulnerability to you privately instead of publicly. Cheap to add — and a strong signal that someone’s home.
effort: 1 hrWhy it matters: Learn more
Turn these findings into a plan
You’ve seen every gap and its priority. We’ll help you close them — fast — or hand your team a plan they can run with. No obligation.
Prefer email? support@computerdojo.com — we reply by the next business day.
Methodology
What we check, and why
Five categories, all read from the outside — the same first pass any security-minded partner runs before a conversation.
DNS hygiene
Your domain’s address book. We check that name servers agree, records point where they should, and nothing is left dangling for someone else to claim. Sloppy DNS is the quiet cause of a surprising share of outages and hijacked subdomains.
Email security
Three public records tell the world’s mail servers which senders may use your name. When they’re missing or too loose, anyone can send invoices as you — and your own legitimate mail lands in spam. This is the highest-payoff hour in small-business security.
TLS / certificates
The padlock on your site — and the protocol versions behind it. We check expiry dates, configuration, and whether retired protocols like TLS 1.0 are still accepted. An old protocol is the open window in an otherwise locked building.
Web performance & Core Web Vitals
The same speed signals Google measures on every visit. Slow pages lose visitors before they finish loading and rank lower in search. Most of the fixes are unglamorous — compress images, cache properly — and pay for themselves immediately.
Microsoft 365 / cloud posture
Public signals of how your cloud is set up: where mail is hosted, which tenant records exist, what’s exposed by default. It’s the outside view of the platform your business lives in — and where a permissioned review digs far deeper.
Scope, plainly
We only examine what’s publicly visible — DNS records, mail-authentication records, certificate configuration, and page performance. No login, no agents, no intrusive scanning. A full assessment (with permission) goes much deeper.
Fair questions, straight answers
Is this safe and legal?
Yes. The score reads only what is already public — DNS records, mail-authentication records, certificate configuration, and page speed. It is the same information any browser, mail server, or search engine touches when it interacts with your domain. No login, no port scans, no probing of private systems.
What does the grade mean?
A letter grade, A through F, summarizing five categories of public tech hygiene, weighted toward the issues that carry real risk. An A means your public surface is tight. A B means solid with gaps. C or below means something is costing you money, speed, or safety right now. It reflects your public surface only — a first look, not a full audit.
What happens after I enter my email?
You get one PDF — the full report with a prioritized fix plan — and one follow-up from an engineer in case you want help reading it. That is it. No drip campaign, no newsletter list, and we never share your address.
Can you fix these?
Yes — that is the point. Most urgent items are about an hour of focused work, and we do this every week. Managed IT clients get this continuously: we watch these signals year-round and close gaps before they ever show up on a scorecard.