Netsparker detected that insecure transportation security protocol (SSLv2) is supported by your web server.
SSLv2 has several flaws. For example, your secure traffic can be observed when you have established it over SSLv2.
We recommended to disable SSLv2 and replace it with TLS 1.2 or higher. See Remedy section for more details.
Configure your web server to disallow using weak ciphers.
nginx.conffile and remove
ssl.use-sslv2 = "disable" ssl.use-sslv3 = "disable"
ssl.openssl.ssl-conf-cmd = ("Protocol" => "-TLSv1.1, -TLSv1, -SSLv3") # v1.4.48 or up ssl.ec-curve = "secp384r1"