How can I resolve this SSL report score?

Question

Report:

The server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate.

The server supports only older protocols, but not the current best TLS 1.2.

The server accepts RC4 cipher, but only with older protocol versions.

Is it good to disable SSL 3?
Is it good to enable TLS 1.2?
Is there a solution to improve the SSL Score?

StackzOfZtuff · Answer 1 · 2018-01-02T21:46:35.743

3

Is it good to disable SSL 3?

Generally yes.

Is it good to enable TLS 1.2?

Generally yes.

Is there a solution to improve the SSL Score?

In broad strokes:

Regardless of what web server you are running:
- Update your server software.
- Disable SSL3.
- Enable TLS1.2.
If running the Microsoft IIS web server:
- Download and run IISCrypto.
- Press "Best Practices" button.
- Press "Apply" button.
- Close IISCrypto.
- Reboot server.
If running another web server:
- Implement crypto config from Mozilla SSL Configuration Generator otherwise.

edited Jan 02 '18 at 21:46

answered Jun 15 '16 at 12:50

StackzOfZtuff

1,842
13
21

Thank you very much StackzOfZtuff. I will try this very soon will come back with results. – Mehl'emamba Jun 15 '16 at 12:58

How can I resolve this SSL report score?

1 Answers1