-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathblog-features.html
More file actions
496 lines (448 loc) · 42.8 KB
/
Copy pathblog-features.html
File metadata and controls
496 lines (448 loc) · 42.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
<!DOCTYPE html>
<html lang="sr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>240+ Checks — Complete List / 240+ Provera — Kompletna lista · Security · SEO · Performance · GDPR</title>
<meta name="description" content="Complete list of all 240+ automated checks: security (150+), SEO (37), performance (20), accessibility (17), GDPR (7), WHOIS, tech stack, email, Mozilla Observatory. · Kompletna lista svih 240+ automatskih provera: bezbednost 150+, SEO 37, performanse 20, pristupacnost 17, GDPR 7, WHOIS, tech stack.">
<meta name="keywords" content="scanner provere, security checks, 240 provera, website security checks, SSL provera, DNS provera, headers provera, SEO provera, GDPR provera, performance check, Mozilla Observatory, WHOIS lookup, tech stack detection, email config, website scanner features, complete scan list, website audit checks, security scanner features, full website scan, comprehensive security check">
<meta name="robots" content="index, follow, max-snippet:-1, max-image-preview:large">
<link rel="canonical" href="https://security-skener.gradovi.rs/blog-features.html">
<link rel="alternate" hreflang="sr" href="https://security-skener.gradovi.rs/blog-features.html">
<link rel="alternate" hreflang="x-default" href="https://security-skener.gradovi.rs/blog-features.html">
<meta property="og:type" content="article">
<meta property="og:title" content="240+ Checks / 240+ Provera — Kompletna lista">
<meta property="og:description" content="Security, SEO, performance, GDPR, accessibility — everything our scanner checks. · Bezbednost, SEO, performanse, GDPR, pristupacnost — sve sto scanner proverava.">
<meta property="og:url" content="https://security-skener.gradovi.rs/blog-features.html">
<meta property="og:site_name" content="Web Security Scanner">
<meta property="og:locale" content="sr_RS">
<meta property="og:locale:alternate" content="en_US">
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:title" content="240+ Checks / 240+ Provera">
<meta name="twitter:description" content="Complete check list. · Kompletna lista provera.">
<link rel="icon" type="image/svg+xml" href="/favicon.svg">
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700;800&display=swap" rel="stylesheet">
<link rel="stylesheet" href="./blog-common.css">
<style>
.features-page { max-width: 1100px; }
.features-hero { text-align: center; padding: 2rem 0 1.5rem; border-bottom: 1px solid #252a4a; margin-bottom: 2rem; }
.features-hero h1 { font-size: 2rem; margin-bottom: 0.6rem; line-height: 1.2; }
.features-hero .subtitle { color: #9ca3af; font-size: 1rem; margin-bottom: 1.5rem; }
.features-toc { display: grid; grid-template-columns: repeat(auto-fit, minmax(150px, 1fr)); gap: 0.6rem; margin-bottom: 2.5rem; }
.toc-item { display: flex; align-items: center; gap: 0.55rem; padding: 0.7rem 0.85rem; background: #11142a; border: 1px solid #252a4a; border-radius: 10px; text-decoration: none; color: #e8eaf6; font-size: 0.85rem; font-weight: 600; transition: border-color .15s, transform .15s, background .15s; }
.toc-item:hover { border-color: #a78bfa; background: #1a1e38; transform: translateY(-2px); }
.toc-item .toc-emoji { font-size: 1.1rem; flex-shrink: 0; }
.toc-item em { font-style: normal; color: #a78bfa; font-size: 0.72rem; margin-left: auto; padding: 0.15rem 0.45rem; background: rgba(167,139,250,0.1); border-radius: 999px; }
.features-cat { margin: 3rem 0; scroll-margin-top: 80px; }
.features-cat > h2 { font-size: 1.55rem; font-weight: 800; margin-bottom: 0.4rem; display: flex; align-items: center; gap: 0.6rem; }
.features-cat > h2 .cat-count { font-size: 0.75rem; color: #0a0c15; background: #a78bfa; padding: 0.2rem 0.6rem; border-radius: 999px; font-weight: 800; letter-spacing: 0.04em; }
.features-cat > .cat-intro { color: #9ca3af; font-size: 0.92rem; margin-bottom: 1.5rem; max-width: 680px; line-height: 1.65; }
.features-subgrid { display: grid; grid-template-columns: repeat(auto-fit, minmax(280px, 1fr)); gap: 1.1rem; }
.feature-subcard { background: #11142a; border: 1px solid #252a4a; border-radius: 12px; padding: 1.3rem 1.4rem 1.2rem; display: flex; flex-direction: column; transition: border-color .2s; }
.feature-subcard:hover { border-color: #a78bfa; }
.feature-subcard h3 { font-size: 1rem; margin: 0 0 0.3rem; color: #e8eaf6; display: flex; align-items: baseline; gap: 0.5rem; flex-wrap: wrap; }
.feature-subcard h3 .sub-count { font-size: 0.68rem; color: #7b83a6; background: rgba(167,139,250,0.08); padding: 0.1rem 0.5rem; border-radius: 999px; letter-spacing: 0.03em; font-weight: 600; }
.feature-subcard .sub-intro { color: #9ca3af; font-size: 0.82rem; line-height: 1.6; margin-bottom: 0.7rem; }
.feature-subcard ul { list-style: none; padding: 0; margin: 0 0 1rem; flex: 1; }
.feature-subcard ul li { position: relative; padding: 0.25rem 0 0.25rem 1.1rem; color: #c0c4db; font-size: 0.78rem; line-height: 1.55; border-top: 1px solid rgba(255,255,255,0.03); }
.feature-subcard ul li:first-child { border-top: none; }
.feature-subcard ul li::before { content: "\2713"; position: absolute; left: 0; top: 0.25rem; color: #4ade80; font-weight: 700; font-size: 0.75rem; }
.feature-subcard ul li strong { color: #e8eaf6; font-weight: 600; }
.feature-subcard ul li .why { color: #7b83a6; font-size: 0.74rem; display: block; margin-top: 0.15rem; }
.feature-subcard .subcard-link { display: inline-flex; align-items: center; gap: 0.35rem; margin-top: auto; padding-top: 0.6rem; color: #a78bfa; font-size: 0.8rem; font-weight: 700; text-decoration: none; border-top: 1px solid #252a4a; }
.feature-subcard .subcard-link:hover { color: #c4b5fd; }
.feature-subcard .subcard-link.no-link { color: #7b83a6; pointer-events: none; }
.features-big-cta { margin: 3rem 0 1rem; padding: 2rem 1.5rem; background: linear-gradient(135deg, #1a1e38, #2a1f4d); border: 1px solid #a78bfa; border-radius: 14px; text-align: center; }
.features-big-cta h3 { font-size: 1.4rem; color: #e8eaf6; margin-bottom: 0.5rem; }
.features-big-cta p { color: #cbd5e1; font-size: 0.92rem; margin-bottom: 1.25rem; }
.features-big-cta a { display: inline-block; padding: 0.9rem 2rem; background: linear-gradient(135deg, #a78bfa, #c4b5fd); color: #0a0c15; font-weight: 800; border-radius: 10px; text-decoration: none; font-size: 0.95rem; transition: transform .15s, box-shadow .2s; }
.features-big-cta a:hover { transform: translateY(-2px); box-shadow: 0 8px 24px rgba(167,139,250,0.35); }
@media (max-width: 600px) {
.features-hero h1 { font-size: 1.5rem; }
.features-subgrid { grid-template-columns: 1fr; gap: 0.9rem; }
.feature-subcard { padding: 1.1rem 1.2rem 1rem; }
.features-cat > h2 { font-size: 1.3rem; }
}
</style>
</head>
<body>
<div class="blog-layout">
<aside class="timeline-nav">
<div class="sr"><div class="timeline-title">Kategorije</div><ol id="timeline-sr"></ol></div>
<div class="en"><div class="timeline-title">Categories</div><ol id="timeline-en"></ol></div>
</aside>
<main class="blog-content features-page">
<header class="features-hero">
<h1>
<span class="sr">240+ Provera — Kompletna lista</span>
<span class="en">240+ Checks — Complete Catalog</span>
</h1>
<p class="subtitle">
<span class="sr">Sve sto Web Security Scanner automatski proverava, zasto to radi, i gde da procitas vise</span>
<span class="en">Everything Web Security Scanner automatically checks, why it matters, and where to read more</span>
</p>
<div class="stat-grid">
<div class="stat-card"><div class="stat-num">240+</div><div class="stat-label"><span class="sr">Ukupno provera</span><span class="en">Total checks</span></div></div>
<div class="stat-card"><div class="stat-num">6</div><div class="stat-label"><span class="sr">Kategorija</span><span class="en">Categories</span></div></div>
<div class="stat-card"><div class="stat-num">20</div><div class="stat-label"><span class="sr">Stranica crawler</span><span class="en">Pages crawled</span></div></div>
<div class="stat-card"><div class="stat-num">~90s</div><div class="stat-label"><span class="sr">Vreme skeniranja</span><span class="en">Scan time</span></div></div>
</div>
</header>
<nav class="features-toc" aria-label="Quick navigation">
<a href="#f-sec" class="toc-item"><span class="toc-emoji">🛡</span><span class="sr">Bezbednost</span><span class="en">Security</span> <em>150+</em></a>
<a href="#f-seo" class="toc-item"><span class="toc-emoji">🔍</span>SEO <em>37</em></a>
<a href="#f-perf" class="toc-item"><span class="toc-emoji">⚡</span><span class="sr">Performanse</span><span class="en">Performance</span> <em>20</em></a>
<a href="#f-a11y" class="toc-item"><span class="toc-emoji">♿</span><span class="sr">Pristupacnost</span><span class="en">Accessibility</span> <em>17</em></a>
<a href="#f-gdpr" class="toc-item"><span class="toc-emoji">🇪🇺</span>GDPR <em>7</em></a>
<a href="#f-extra" class="toc-item"><span class="toc-emoji">🧰</span><span class="sr">Dodatno</span><span class="en">Extras</span> <em>12</em></a>
</nav>
<section id="f-sec" class="features-cat">
<h2 id="f-sec-h">🛡 <span class="sr">Bezbednost</span><span class="en">Security</span> <span class="cat-count">150+</span></h2>
<p class="cat-intro">
<span class="sr">Srce skenera — sve sto cini razliku izmedju bezbednog sajta i onog koji ce biti hakovan. Svaka provera je mapirana na konkretnu ranjivost koju napadaci stvarno koriste.</span>
<span class="en">The heart of the scanner — everything that makes the difference between a secure site and one that will be hacked. Each check maps to a concrete vulnerability attackers actually use.</span>
</p>
<div class="features-subgrid">
<article class="feature-subcard">
<h3>SSL/TLS <span class="sub-count">4</span></h3>
<p class="sub-intro"><span class="sr">Bez HTTPS-a, lozinke i kartice idu u cistom tekstu preko WiFi-ja. Proveravamo da li je enkripcija tamo gde treba.</span><span class="en">Without HTTPS, passwords and cards travel plain-text over WiFi. We check the encryption is where it should be.</span></p>
<ul>
<li><strong><span class="sr">Validnost sertifikata</span><span class="en">Certificate validity</span></strong><span class="why"><span class="sr">Da li browser veruje sertifikatu (Let's Encrypt, DigiCert)</span><span class="en">Whether browsers trust the cert</span></span></li>
<li><strong>TLS 1.2 / 1.3</strong><span class="why"><span class="sr">Stare verzije (1.0/1.1) su probijene</span><span class="en">Old versions (1.0/1.1) are broken</span></span></li>
<li><strong><span class="sr">Dani do isteka</span><span class="en">Days until expiry</span></strong><span class="why"><span class="sr">Istekao = upozorenje u browseru</span><span class="en">Expired = browser warning bar</span></span></li>
<li><strong><span class="sr">Lanac poverenja</span><span class="en">Trust chain</span></strong><span class="why"><span class="sr">Intermediate sertifikati moraju biti ispravni</span><span class="en">Intermediate certs must be correct</span></span></li>
</ul>
<a href="./blog-security-ssl.html" class="subcard-link"><span class="sr">SSL/TLS vodic →</span><span class="en">SSL/TLS guide →</span></a>
</article>
<article class="feature-subcard">
<h3>HTTP Security Headers <span class="sub-count">7</span></h3>
<p class="sub-intro"><span class="sr">Security headeri kazu browser-u kako da tretira sadrzaj. Skeniramo 7 najbitnijih.</span><span class="en">Security headers tell the browser how to treat content. We scan the 7 most important ones.</span></p>
<ul>
<li><strong>HSTS</strong><span class="why"><span class="sr">Forsira HTTPS, sprecava downgrade napade</span><span class="en">Forces HTTPS, prevents downgrade attacks</span></span></li>
<li><strong>CSP</strong><span class="why"><span class="sr">Najjaca XSS zastita ako je pravilno postavljen</span><span class="en">Strongest XSS protection when configured</span></span></li>
<li><strong>X-Frame-Options</strong><span class="why"><span class="sr">Sprecava clickjacking</span><span class="en">Prevents clickjacking</span></span></li>
<li><strong>X-Content-Type-Options</strong><span class="why"><span class="sr">Sprecava MIME sniffing</span><span class="en">Prevents MIME sniffing</span></span></li>
<li><strong>Referrer-Policy, Permissions-Policy, COOP</strong><span class="why"><span class="sr">Moderni fini kontrolni headeri</span><span class="en">Modern fine-grained controls</span></span></li>
</ul>
<a href="./blog-security-headers.html" class="subcard-link"><span class="sr">Headers vodic →</span><span class="en">Headers guide →</span></a>
</article>
<article class="feature-subcard">
<h3>DNS <span class="sub-count">3</span></h3>
<p class="sub-intro"><span class="sr">Email spoofing i DNS hijacking pocinju sa neobezbedjenom DNS zonom.</span><span class="en">Email spoofing and DNS hijacking start with an unsecured DNS zone.</span></p>
<ul>
<li><strong>SPF</strong><span class="why"><span class="sr">Sprecava slanje laznih email-ova sa tvog domena</span><span class="en">Prevents sending fake emails as your domain</span></span></li>
<li><strong>DMARC</strong><span class="why"><span class="sr">Politika za lazne (quarantine / reject)</span><span class="en">Policy for fakes (quarantine / reject)</span></span></li>
<li><strong>DNSSEC</strong><span class="why"><span class="sr">Kriptografsko potpisivanje DNS odgovora</span><span class="en">Cryptographic signing of DNS answers</span></span></li>
</ul>
<a href="./blog-security-dns.html" class="subcard-link"><span class="sr">DNS vodic →</span><span class="en">DNS guide →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Osetljivi fajlovi</span><span class="en">Sensitive files</span> <span class="sub-count">11</span></h3>
<p class="sub-intro"><span class="sr">Najcesci put kako sajtovi bivaju hakovani — izlozen .env ili .git folder.</span><span class="en">The most common way sites get hacked — an exposed .env or .git folder.</span></p>
<ul>
<li><strong>.env</strong><span class="why"><span class="sr">Database passwords, API kljucevi, svi secrets</span><span class="en">Database passwords, API keys, all secrets</span></span></li>
<li><strong>.git/config</strong><span class="why"><span class="sr">Ceo git repo javan, i delete-ovani commit-i sa secrets</span><span class="en">Full git repo exposed, including deleted commits</span></span></li>
<li><strong>wp-config.php, phpinfo.php</strong><span class="why"><span class="sr">WordPress DB creds i PHP config</span><span class="en">WordPress DB creds and PHP config</span></span></li>
<li><strong>backup.sql, database.sql</strong><span class="why"><span class="sr">Cela baza u jednom download-u</span><span class="en">Entire database in one download</span></span></li>
<li><strong>.htaccess, .DS_Store, docker-compose.yml, .npmrc, server-status</strong></li>
</ul>
<a href="./blog-security.html" class="subcard-link"><span class="sr">Security hub →</span><span class="en">Security hub →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Pattern-i ranjivosti</span><span class="en">Vulnerability patterns</span> <span class="sub-count">8</span></h3>
<p class="sub-intro"><span class="sr">Pasivna detekcija obrazaca koji ukazuju na OWASP Top 10 rupe. Ne eksploatisemo — prijavimo.</span><span class="en">Passive detection of patterns indicating OWASP Top 10 holes. We don't exploit — we report.</span></p>
<ul>
<li><strong>SQL Injection</strong><span class="why"><span class="sr">Obrasci SQL greske u HTTP odgovorima</span><span class="en">SQL error patterns in HTTP responses</span></span><a href="./blog-security-sql.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>XSS reflection</strong><span class="why"><span class="sr">Parametri koji se odrazavaju u HTML-u bez escape-a</span><span class="en">Params reflected in HTML without escaping</span></span><a href="./blog-security-xss.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>Open redirect</strong><span class="why"><span class="sr">Koristi se za phishing kampanje</span><span class="en">Used for phishing campaigns</span></span></li>
<li><strong>Directory traversal</strong><span class="why"><span class="sr">../../../etc/passwd pattern</span><span class="en">../../../etc/passwd pattern</span></span></li>
<li><strong>Server disclosure, default credentials, backup fajlovi, info disclosure</strong></li>
</ul>
<a href="./blog-security-csrf.html" class="subcard-link"><span class="sr">CSRF + XSS vodic →</span><span class="en">CSRF + XSS guide →</span></a>
</article>
<article class="feature-subcard">
<h3>JavaScript <span class="sub-count">6</span></h3>
<p class="sub-intro"><span class="sr">Analiziramo JS kod u potrazi za izlozenim API kljucevima i obrascima koji olaksavaju XSS.</span><span class="en">We analyze the JS code looking for exposed API keys and patterns that enable XSS.</span></p>
<ul>
<li><strong><span class="sr">Izlozeni API kljucevi</span><span class="en">Exposed API keys</span></strong><span class="why">AWS, Google, Stripe, Firebase</span></li>
<li><strong><span class="sr">Opasne legacy funkcije</span><span class="en">Dangerous legacy functions</span></strong><span class="why"><span class="sr">Dinamicko izvrsavanje koda iz stringa, legacy HTML injection API-ji</span><span class="en">Dynamic code execution from strings, legacy HTML injection APIs</span></span></li>
<li><strong>Inline event handlers</strong><span class="why"><span class="sr">onclick/onload atributi koji krse CSP</span><span class="en">onclick/onload attrs that break CSP</span></span></li>
<li><strong>Mixed content</strong><span class="why"><span class="sr">http:// resursi na https:// stranici</span><span class="en">http:// resources on an https:// page</span></span></li>
<li><strong><span class="sr">Source map fajlovi</span><span class="en">Source map files</span></strong><span class="why"><span class="sr">.js.map otkriva ceo source kod</span><span class="en">.js.map exposes the full source code</span></span></li>
<li><strong>Console leak</strong><span class="why"><span class="sr">Osetljivi podaci u browser konzoli</span><span class="en">Sensitive data in browser console</span></span></li>
</ul>
<a href="./blog-security-xss.html" class="subcard-link"><span class="sr">XSS vodic →</span><span class="en">XSS guide →</span></a>
</article>
<article class="feature-subcard">
<h3>API <span class="sub-count">5</span></h3>
<p class="sub-intro"><span class="sr">API-ji su najbrze rastuci attack surface. Trazimo izlozene endpoint-e i javnu dokumentaciju.</span><span class="en">APIs are the fastest-growing attack surface. We look for exposed endpoints and public docs.</span></p>
<ul>
<li><strong><span class="sr">Otkriveni endpoint-i</span><span class="en">Exposed endpoints</span></strong><span class="why">/api/*, /v1/*, /graphql</span></li>
<li><strong>GraphQL introspection</strong><span class="why"><span class="sr">Otkriva ceo schema napadacu</span><span class="en">Reveals full schema to attacker</span></span></li>
<li><strong>Swagger/OpenAPI</strong><span class="why">/swagger, /docs, /api-docs</span></li>
<li><strong>CORS</strong><span class="why"><span class="sr">Wildcard * + credentials = kriticna rupa</span><span class="en">Wildcard * + credentials = critical hole</span></span></li>
<li><strong>Rate limiting</strong><span class="why"><span class="sr">Nepostojanje = API nije zasticen</span><span class="en">Absence = API isn't protected</span></span></li>
</ul>
<a href="./blog-security-api.html" class="subcard-link"><span class="sr">API security vodic →</span><span class="en">API security guide →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Portovi i admin</span><span class="en">Ports & admin</span> <span class="sub-count">15+</span></h3>
<p class="sub-intro"><span class="sr">Otvoreni database portovi i admin paneli su najcesci put za napadaca.</span><span class="en">Open database ports and admin panels are the most common path for attackers.</span></p>
<ul>
<li><strong>21, 22, 23, 25</strong><span class="why">FTP, SSH, Telnet, SMTP</span></li>
<li><strong>3306, 5432, 6379</strong><span class="why">MySQL, PostgreSQL, Redis</span></li>
<li><strong>8080, 8443, 9200</strong><span class="why">Dev i Elasticsearch portovi</span></li>
<li><strong>/admin, /wp-admin, /login, /phpmyadmin</strong></li>
</ul>
<a href="./blog-security-ports.html" class="subcard-link"><span class="sr">Port scanning vodic →</span><span class="en">Port scanning guide →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Ostale security provere</span><span class="en">Other security checks</span> <span class="sub-count">10+</span></h3>
<p class="sub-intro"><span class="sr">Cookie flagovi, redirect chain, CMS detekcija, subdomen enumeracija, CT logovi, CVE scan zavisnosti.</span><span class="en">Cookie flags, redirect chain, CMS detection, subdomain enumeration, CT logs, dependency CVE scan.</span></p>
<ul>
<li><strong>Cookie security</strong><span class="why">HttpOnly, Secure, SameSite</span></li>
<li><strong>Redirect chain</strong><span class="why"><span class="sr">HTTP→HTTPS, open redirects</span><span class="en">HTTP→HTTPS, open redirects</span></span></li>
<li><strong>CMS detection</strong><span class="why">WordPress, Joomla, Drupal</span></li>
<li><strong>CORS policy</strong></li>
<li><strong>robots.txt, security.txt</strong></li>
<li><strong>Subdomain enum, CT logs, dependency CVEs</strong></li>
</ul>
<a href="./blog-security.html" class="subcard-link"><span class="sr">Security hub →</span><span class="en">Security hub →</span></a>
</article>
</div>
</section>
<section id="f-seo" class="features-cat">
<h2 id="f-seo-h">🔍 <span class="sr">SEO</span><span class="en">SEO</span> <span class="cat-count">37</span></h2>
<p class="cat-intro"><span class="sr">Ako nisi indeksiran, ne postojis. Skeniramo 12 kljucnih SEO signala.</span><span class="en">If you are not indexed, you do not exist. We scan 12 key SEO signals.</span></p>
<div class="features-subgrid">
<article class="feature-subcard">
<h3>On-page <span class="sub-count">6</span></h3>
<p class="sub-intro"><span class="sr">Osnovni meta-tagovi i title — prva stvar koju Google vidi.</span><span class="en">Core meta tags and title — the first thing Google sees.</span></p>
<ul>
<li><strong>Title</strong><span class="why"><span class="sr">30-60 karaktera, jedinstvenost</span><span class="en">30-60 chars, uniqueness</span></span></li>
<li><strong>Meta description</strong><span class="why">120-160 chars</span></li>
<li><strong>Meta viewport</strong></li>
<li><strong>Canonical URL</strong></li>
<li><strong>H1 tag</strong></li>
<li><strong>Images alt</strong></li>
</ul>
<a href="./blog-seo-meta.html" class="subcard-link"><span class="sr">Meta tagovi vodic →</span><span class="en">Meta tags guide →</span></a>
</article>
<article class="feature-subcard">
<h3>Social & structured <span class="sub-count">3</span></h3>
<p class="sub-intro"><span class="sr">Kako stranica izgleda kada je neko podeli i da li Google moze da izvuce rich snippets.</span><span class="en">How the page looks when shared and whether Google can extract rich snippets.</span></p>
<ul>
<li><strong>Open Graph</strong><span class="why">og:title, og:description, og:image</span><a href="./blog-seo-opengraph.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>Twitter Cards</strong></li>
<li><strong><span class="sr">Schema.org / JSON-LD</span><span class="en">Schema.org / JSON-LD</span></strong><a href="./blog-seo-schema.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
</ul>
<a href="./blog-seo-opengraph.html" class="subcard-link"><span class="sr">Open Graph vodic →</span><span class="en">Open Graph guide →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Tehnicki</span><span class="en">Technical</span> <span class="sub-count">3</span></h3>
<p class="sub-intro"><span class="sr">Infrastruktura koja odlucuje da li crawler uopste moze da stigne do tebe.</span><span class="en">Infrastructure that decides whether crawlers can even reach you.</span></p>
<ul>
<li><strong>Sitemap.xml</strong><a href="./blog-seo-sitemap.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>robots.txt</strong></li>
<li><strong>HTML lang</strong></li>
</ul>
<a href="./blog-seo.html" class="subcard-link"><span class="sr">SEO hub →</span><span class="en">SEO hub →</span></a>
</article>
</div>
</section>
<section id="f-perf" class="features-cat">
<h2 id="f-perf-h">⚡ <span class="sr">Performanse</span><span class="en">Performance</span> <span class="cat-count">20</span></h2>
<p class="cat-intro"><span class="sr">Core Web Vitals su ranking faktor. Brzi sajt konvertuje bolje i pojavljuje se vise u pretrazi.</span><span class="en">Core Web Vitals are a ranking factor. A fast site converts better and ranks higher.</span></p>
<div class="features-subgrid">
<article class="feature-subcard">
<h3>Server & transport <span class="sub-count">4</span></h3>
<p class="sub-intro"><span class="sr">Kako brzo server odgovori, koliko salje, da li je kompresovan optimalno.</span><span class="en">How fast the server responds and whether content is optimally compressed.</span></p>
<ul>
<li><strong>TTFB</strong><span class="why"><span class="sr">Time to First Byte</span><span class="en">Time to First Byte</span></span><a href="./blog-perf-cwv.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong><span class="sr">Velicina stranice</span><span class="en">Page size</span></strong></li>
<li><strong>Gzip / Brotli</strong><a href="./blog-perf-compression.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>HTTP/2 / HTTP/3</strong></li>
</ul>
<a href="./blog-perf-cwv.html" class="subcard-link"><span class="sr">Core Web Vitals →</span><span class="en">Core Web Vitals →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Kesiranje i CDN</span><span class="en">Caching & CDN</span> <span class="sub-count">2</span></h3>
<p class="sub-intro"><span class="sr">Najbrzi HTTP zahtev je onaj koji se nikad ne dogodi.</span><span class="en">The fastest HTTP request is the one that never happens.</span></p>
<ul>
<li><strong>Cache-Control headers</strong><a href="./blog-perf-cache.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>CDN detection</strong><a href="./blog-perf-cdn.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
</ul>
<a href="./blog-perf-cache.html" class="subcard-link"><span class="sr">HTTP caching →</span><span class="en">HTTP caching →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Resursi</span><span class="en">Assets</span> <span class="sub-count">3</span></h3>
<p class="sub-intro"><span class="sr">Slike i JS/CSS cine najveci deo vremena ucitavanja.</span><span class="en">Images and JS/CSS are the biggest part of load time.</span></p>
<ul>
<li><strong><span class="sr">Optimizacija slika</span><span class="en">Image optimization</span></strong><span class="why">WebP, AVIF, srcset</span><a href="./blog-perf-images.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>Lazy loading</strong><a href="./blog-perf-lazy.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong><span class="sr">CSS/JS minifikacija</span><span class="en">CSS/JS minification</span></strong></li>
</ul>
<a href="./blog-performance.html" class="subcard-link"><span class="sr">Performance hub →</span><span class="en">Performance hub →</span></a>
</article>
</div>
</section>
<section id="f-a11y" class="features-cat">
<h2 id="f-a11y-h">♿ <span class="sr">Pristupačnost</span><span class="en">Accessibility</span> <span class="cat-count">17</span></h2>
<p class="cat-intro"><span class="sr">15% korisnika globalno koristi pomocne tehnologije. U EU je a11y zakonska obaveza (EAA 2025).</span><span class="en">15% of users globally use assistive tech. In the EU, a11y is legally required (EAA 2025).</span></p>
<div class="features-subgrid">
<article class="feature-subcard">
<h3>WCAG 2.1 <span class="sub-count">7</span></h3>
<p class="sub-intro"><span class="sr">Sedam kljucnih provera koje screen reader korisnici najvise osete.</span><span class="en">Seven key checks screen reader users feel the most.</span></p>
<ul>
<li><strong>Alt text</strong><span class="why"><span class="sr">Sve slike moraju imati alt</span><span class="en">All images need alt</span></span></li>
<li><strong>Form labels & aria-label</strong></li>
<li><strong>ARIA landmarks</strong><span class="why">main, nav, header, footer</span></li>
<li><strong>Heading hierarchy</strong></li>
<li><strong>Link text</strong></li>
<li><strong>HTML lang</strong></li>
<li><strong>Tabindex</strong></li>
</ul>
<a href="./blog-gdpr-rights.html" class="subcard-link no-link"><span class="sr">Vodic uskoro →</span><span class="en">Coming soon →</span></a>
</article>
</div>
</section>
<section id="f-gdpr" class="features-cat">
<h2 id="f-gdpr-h">🇪🇺 <span class="sr">GDPR</span><span class="en">GDPR</span> <span class="cat-count">7</span></h2>
<p class="cat-intro"><span class="sr">GDPR kazne idu do 20M evra ili 4% godisnjeg prihoda. Skeniramo 7 signala usaglasenosti.</span><span class="en">GDPR fines go up to 20M euros or 4% of revenue. We scan 7 compliance signals.</span></p>
<div class="features-subgrid">
<article class="feature-subcard">
<h3><span class="sr">Politike</span><span class="en">Policies</span> <span class="sub-count">2</span></h3>
<p class="sub-intro"><span class="sr">Bez Privacy Policy i Terms, ne mozes prikupljati podatke u EU.</span><span class="en">Without Privacy Policy and Terms, you cannot collect data in the EU.</span></p>
<ul>
<li><strong>Privacy Policy</strong><a href="./blog-gdpr-policy.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>Terms of Service</strong></li>
</ul>
<a href="./blog-gdpr-policy.html" class="subcard-link"><span class="sr">Privacy Policy vodic →</span><span class="en">Privacy Policy guide →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Kolacici i consent</span><span class="en">Cookies & consent</span> <span class="sub-count">3</span></h3>
<p class="sub-intro"><span class="sr">Cookie consent je obavezan za EU posetioce.</span><span class="en">Cookie consent is mandatory for EU visitors.</span></p>
<ul>
<li><strong>Consent banner</strong><span class="why">CookieConsent, OneTrust, Cookiebot</span><a href="./blog-gdpr-cookies.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>Third-party trackers</strong><span class="why">GA, Facebook Pixel, Hotjar</span><a href="./blog-gdpr-trackers.html" style="color:#a78bfa;font-size:0.72rem;margin-left:0.3rem;">[vodic]</a></li>
<li><strong>Tracking cookies</strong></li>
</ul>
<a href="./blog-gdpr-cookies.html" class="subcard-link"><span class="sr">Cookie consent vodic →</span><span class="en">Cookie consent guide →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Prava i enkripcija</span><span class="en">Rights & encryption</span> <span class="sub-count">2</span></h3>
<p class="sub-intro"><span class="sr">Art. 32 zahteva enkripciju podataka u prenosu.</span><span class="en">Art. 32 requires encryption of data in transit.</span></p>
<ul>
<li><strong><span class="sr">Forme za prikupljanje</span><span class="en">Data collection forms</span></strong></li>
<li><strong>HTTPS</strong><span class="why"><span class="sr">Podaci u prenosu moraju biti enkriptovani</span><span class="en">Data in transit must be encrypted</span></span></li>
</ul>
<a href="./blog-gdpr-rights.html" class="subcard-link"><span class="sr">Prava korisnika →</span><span class="en">User rights →</span></a>
</article>
</div>
</section>
<section id="f-extra" class="features-cat">
<h2 id="f-extra-h">🧰 <span class="sr">Dodatne analize</span><span class="en">Additional Analyses</span> <span class="cat-count">12</span></h2>
<p class="cat-intro"><span class="sr">Nevidljivi signali — ko je registrovao domen, sta je u tech stack-u, kako tretirati email.</span><span class="en">Invisible signals — who registered the domain, what is in the tech stack, how to handle email.</span></p>
<div class="features-subgrid">
<article class="feature-subcard">
<h3>WHOIS</h3>
<p class="sub-intro"><span class="sr">Istek, starost, registrar, lock status. Istekao domen = propao biznis.</span><span class="en">Expiry, age, registrar, lock status. Expired domain = failed business.</span></p>
<ul>
<li><strong><span class="sr">Datum isteka</span><span class="en">Expiry date</span></strong></li>
<li><strong><span class="sr">Starost domena</span><span class="en">Domain age</span></strong></li>
<li><strong>Registrar + lock status</strong></li>
</ul>
<a href="./blog-security.html" class="subcard-link"><span class="sr">Security hub →</span><span class="en">Security hub →</span></a>
</article>
<article class="feature-subcard">
<h3>Tech Stack</h3>
<p class="sub-intro"><span class="sr">45+ tehnologija — framework, CMS, CDN, analytics, server.</span><span class="en">45+ technologies — framework, CMS, CDN, analytics, server.</span></p>
<ul>
<li><strong>Frontend</strong><span class="why">React, Vue, Angular, Next, Nuxt</span></li>
<li><strong>Backend / CMS</strong><span class="why">WordPress, Shopify, Laravel, Django</span></li>
<li><strong>CDN / hosting</strong><span class="why">Cloudflare, Vercel, Netlify</span></li>
</ul>
<a href="./blog-security.html" class="subcard-link"><span class="sr">Security hub →</span><span class="en">Security hub →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Email bezbednost</span><span class="en">Email security</span></h3>
<p class="sub-intro"><span class="sr">Konfiguracija koja sprecava slanje laznih email-ova u ime tvog domena.</span><span class="en">Configuration that prevents sending fake emails as your domain.</span></p>
<ul>
<li><strong>MX records</strong></li>
<li><strong>STARTTLS</strong></li>
<li><strong>BIMI, DKIM</strong></li>
</ul>
<a href="./blog-security-dns.html" class="subcard-link"><span class="sr">DNS + email →</span><span class="en">DNS + email →</span></a>
</article>
<article class="feature-subcard">
<h3>Mozilla Observatory</h3>
<p class="sub-intro"><span class="sr">Nezavisna ocena sa observatory.mozilla.org koja se koristi kao industry benchmark.</span><span class="en">Independent grade from observatory.mozilla.org used as industry benchmark.</span></p>
<ul>
<li><strong>Mozilla grade (A+ to F)</strong></li>
<li><strong>Score (0-100+)</strong></li>
</ul>
<a href="./blog-security-headers.html" class="subcard-link"><span class="sr">Headers + Observatory →</span><span class="en">Headers + Observatory →</span></a>
</article>
<article class="feature-subcard">
<h3>Crawler</h3>
<p class="sub-intro"><span class="sr">Otkriva do 50 stranica (2 nivoa dubine). Pro plan skenira do 10 pojedinacno.</span><span class="en">Discovers up to 50 pages (2 levels deep). Pro plan scans up to 10 individually.</span></p>
<ul>
<li><strong>BFS crawl</strong><span class="why">Max depth 2, same-origin only</span></li>
<li><strong>SSRF-safe</strong></li>
<li><strong>Pro: multi-page scan</strong></li>
</ul>
<a href="./pricing.html" class="subcard-link"><span class="sr">Pro plan →</span><span class="en">Pro plan →</span></a>
</article>
<article class="feature-subcard">
<h3>Risk Engine</h3>
<p class="sub-intro"><span class="sr">Top 5 najvaznijih problema sa prioritetima + preporukama za popravku.</span><span class="en">Top 5 most important issues with priorities + fix recommendations.</span></p>
<ul>
<li><strong>Top 5 priorities</strong></li>
<li><strong>Fix recommendations</strong></li>
<li><strong>Grade + score (A-F)</strong></li>
</ul>
<a href="./blog-security.html" class="subcard-link"><span class="sr">Security hub →</span><span class="en">Security hub →</span></a>
</article>
</div>
</section>
<section id="f-malware" class="features-cat" style="position:relative; overflow:hidden;">
<div style="position:absolute;top:0;left:0;right:0;height:4px;background:linear-gradient(90deg, rgba(255,144,104,0.8), rgba(255,90,95,0.8));"></div>
<h2 id="f-malware-h" style="padding-top:10px;">🦠 <span class="sr">Malware Scanner</span><span class="en">Malware Scanner</span> <span class="cat-count" style="background:rgba(255,90,95,0.15);color:#ff9aa2;border:1px solid rgba(255,90,95,0.3);">18</span></h2>
<p class="cat-intro"><span class="sr">Zaseban nezavisni modul za analizu zaraženih sajtova, pronalazak webshell-ova i utvrđivanje prisustva na blacklistama.</span><span class="en">A standalone independent module for analyzing infected sites, finding webshells, and checking blacklists.</span></p>
<div class="features-subgrid">
<article class="feature-subcard">
<h3><span class="sr">Brzi (Safe) sken</span><span class="en">Quick (Safe) scan</span> <span class="sub-count" style="color:#a78bfa;">11</span></h3>
<p class="sub-intro"><span class="sr">Pasivne i bezbedne provere koje možete pokrenuti za bilo koji domen.</span><span class="en">Passive and safe checks you can run on any domain.</span></p>
<ul>
<li><strong>Blacklist / Phishing</strong><span class="why">URLhaus, OpenPhish, DNSBL</span></li>
<li><strong>JS Obfuscation</strong><span class="why">eval(), charCodeAt, hex</span></li>
<li><strong>Cryptojacking</strong><span class="why">CoinHive, JSEcoin</span></li>
<li><strong>Webshell / Backdoor</strong><span class="why">Indikatori upada</span></li>
<li><strong>Information Disclosure</strong><span class="why">Lozinke u HTML komentarima</span></li>
</ul>
<a href="./malware.html" class="subcard-link"><span class="sr">Saznaj više →</span><span class="en">Learn more →</span></a>
</article>
<article class="feature-subcard">
<h3><span class="sr">Puni (Full) sken</span><span class="en">Deep (Full) scan</span> <span class="sub-count" style="color:#a78bfa;">8</span></h3>
<p class="sub-intro"><span class="sr">Dodatne istrage dostupne nakon verifikacije vlasništva domena.</span><span class="en">Additional investigations available after domain ownership verification.</span></p>
<ul>
<li><strong>Wayback Machine</strong><span class="why">Istorija blacklist-a</span></li>
<li><strong>SEO Span / Index Contamination</strong><span class="why">Google spam hack</span></li>
<li><strong>Reputation Score</strong><span class="why">Infrastrukturni health</span></li>
<li><strong>SSL Compromise & Email</strong></li>
<li><strong>Damage Report</strong><span class="why">Procena oporavka</span></li>
</ul>
<a href="./malware.html" class="subcard-link"><span class="sr">Saznaj više →</span><span class="en">Learn more →</span></a>
</article>
</div>
</section>
<div class="features-big-cta">
<h3><span class="sr">Pokreni sve ovo za 90 sekundi</span><span class="en">Run all of this in 90 seconds</span></h3>
<p><span class="sr">Unesi URL svog sajta, klikni "Skeniraj", i dobi izvestaj sa preporukama. Besplatno, bez registracije.</span><span class="en">Enter your URL, click "Scan", get a report with recommendations. Free, no registration.</span></p>
<a href="./index.html"><span class="sr">Skeniraj svoj sajt →</span><span class="en">Scan your site →</span></a>
</div>
</main>
</div>
<script src="./blog-common.js" defer></script>
</body>
</html>