bwt
* this https://securityheaders.com/?q=https%3A%2F%2Fplanlike.pro&fo... can be easy to fix (I'll give you the settings for haproxy or apache if you need)
* https://tools.pingdom.com/#619d161622000000 can be improved, too
I would also disable TLS 1.0 (https://www.immuniweb.com/ssl/planlike.pro/72wS3s8G/ ) and enable HTTP2 or have both HTTP2 and HTTP1
On the reset password you should not show us the world messages like "This email is not registered" (security)
then maybe
* have https://www.planlike.pro redirect to https://planlike.pro
* populate https://planlike.pro/robots.txt
bwt
* this https://securityheaders.com/?q=https%3A%2F%2Fplanlike.pro&fo... can be easy to fix (I'll give you the settings for haproxy or apache if you need)
* https://tools.pingdom.com/#619d161622000000 can be improved, too
I would also disable TLS 1.0 (https://www.immuniweb.com/ssl/planlike.pro/72wS3s8G/ ) and enable HTTP2 or have both HTTP2 and HTTP1
On the reset password you should not show us the world messages like "This email is not registered" (security)
then maybe
* have https://www.planlike.pro redirect to https://planlike.pro
* populate https://planlike.pro/robots.txt