dnswatchdog.iodocs
Issues

Authentication Required

The web endpoint requires authentication.

Severity: Warning

What does this mean?

The server responded with HTTP 401 (Unauthorized) or 403 (Forbidden), indicating that the resource requires authentication or the request was denied. This means the server is running but will not serve content without valid credentials.

Why this is a problem

An authentication prompt on a public-facing domain could indicate several things. It might be an internal application (like an admin panel, staging environment, or monitoring dashboard) that is accidentally exposed to the internet. While the authentication barrier provides some protection, it also makes the endpoint a target for credential brute-force attacks.

What you should do

  • Verify whether this endpoint is supposed to be publicly accessible
  • If it is an internal application, restrict access by IP address or place it behind a VPN
  • Ensure strong authentication is in place (not basic auth with weak passwords)
  • Consider adding rate limiting to prevent brute-force attacks
  • If the endpoint is intentionally public and requires login, this issue can be ignored

HTTP Connection Error

Unable to establish a connection to the web endpoint.

Weak TLS Version

The server negotiated a deprecated TLS version.

On this page

What does this mean?Why this is a problemWhat you should do