Have you ever notice the URL of Gmail, twitter or other popular website. You will notice https instead of http. It is TLS(Transport Layer Security, commonly called SSL). This is used for secure website connection to protect user data from being theft. As hackers are highly active these days, it is important to secure website against most common attacks.
Only implementation of SSL is not the thing which will make your website secure. There are some configurations which can be done properly. Misconfiguration always lead to a big security hole which can be harmful.
How to know if your server is properly configured?
sslyze is a free software which is used for analyzing the configuration of SSL servers and for identifying misconfiguration such as the use of outdated protocol versions, weak hash algorithms in trust chains, insecure renegotiation, and session resumption settings.
It is an python script which scans for simple SSL misconfiguration, but using it with some available plugins improves its performance.
Features:
Only implementation of SSL is not the thing which will make your website secure. There are some configurations which can be done properly. Misconfiguration always lead to a big security hole which can be harmful.
How to know if your server is properly configured?
sslyze is a free software which is used for analyzing the configuration of SSL servers and for identifying misconfiguration such as the use of outdated protocol versions, weak hash algorithms in trust chains, insecure renegotiation, and session resumption settings.
It is an python script which scans for simple SSL misconfiguration, but using it with some available plugins improves its performance.
Features:
- Insecure renegotiation testing
- Scanning for weak strength ciphers
- Checking for SSLv2, SSLv3 and TLSv1 versions
- Server certificate information dump and basic validation
- Session resumption capabilities and actual resumption rate measurement
- Support for client certificate authentication
- Simultaneous scanning of multiple servers, versions and ciphers