Should I get security tips from people if their own website is poorly secured and has security holes? I don't think so.

What should I do if a website tells me to activate Javascript? I just go to the competition.

What do I do if a website uses CAPTCHAS from Google? I leave the website.

What do I do if a website uses Cloudflare? Nothing at all. Thank God these MITM/NSA/spy/garbage sites are filtered by my firewall.

Signs that a website is insecure:

• The use of Cloudflare.
• Excessive use of shortened URLs.
• Include unnecessary Javascript from frameworks, libraries such as jQuery or Bootstrap.
• The use of unnecessary cookies.
• Embedding dubious sources.
• The use of ancient encryption.
• The request "Please activate Javascript".
• Retarded programmers who blame me if they can't validate the input properly.