Documentation

Getting Started

1. Create an Account

Sign up for a free account at mbguards.com/signup. No credit card required to get started.

2. Add Your Website

Navigate to the dashboard and click "Add Website". Enter your domain name (e.g., example.com).

3. Verify Domain Ownership

Add a DNS TXT record to verify you own the domain. We'll provide a unique verification code that you add to your DNS settings.

4. Run Your First Scan

Once verified, click "Scan" to analyze your website's security. Results are available within minutes.

Security Checks

Security Headers

We check for essential HTTP security headers including Content-Security-Policy, Strict-Transport-Security (HSTS), X-Frame-Options, X-Content-Type-Options, and more.

SSL/TLS Analysis

Verify your SSL certificate is valid, check expiration dates, and ensure proper certificate chain configuration.

DNS Security

Check for SPF, DMARC, and DNSSEC records to protect against email spoofing and DNS-based attacks.

Technology Detection

Identify CMS platforms, frameworks, analytics tools, and other technologies running on your website to understand your attack surface.

Exposed Paths

Scan for commonly exposed files like .env, .git, backup files, and admin panels that could leak sensitive information.

Understanding Your Score

MBGuards provides both a letter grade (A+ to F) and a risk score (0-100) for your website.

GradeRisk ScoreMeaning
A+0-5Excellent security posture
A6-15Very good security
B16-30Good with minor issues
C31-50Moderate concerns
D51-70Significant issues
F71-100Critical problems

Scheduled Scans

Pro and Enterprise users can configure automated scheduled scans:

  • Daily: Scan every day at midnight UTC
  • Weekly: Scan every Monday at 6 AM UTC
  • Monthly: Scan on the 1st of each month

Configure your schedule from the Dashboard under "Scheduled Scans".

Email Alerts

Stay informed with email notifications (Pro and Enterprise plans):

  • Security Alerts: Immediate notification when critical or high severity issues are found
  • SSL Expiry Warnings: 30-day advance notice before your SSL certificate expires
  • Weekly Digest: Summary of all your monitored sites' security status
  • Scan Completed: Optional notification when scheduled scans finish

Manage your notification preferences at /alerts.

Frequently Asked Questions

Is the scanning safe for my website?

Yes! MBGuards uses passive, non-intrusive scanning that won't affect your site's performance or trigger security alerts. We only analyze publicly accessible information.

Why do I need to verify domain ownership?

Domain verification ensures you can only scan websites you own or have permission to scan. This protects against unauthorized scanning of third-party websites.

How long does a scan take?

Most scans complete within 1-2 minutes. Complex sites with many technologies may take slightly longer.

Can I scan websites I don't own?

No. You must verify domain ownership before scanning. This is an industry-standard security practice to prevent abuse.

Need Help?

Our support team is here to assist you with any questions.

Contact Support