Severity: High
Netsparker detected that an insecure transport security protocol (SSLv2) is supported by your web server.
SSLv2 has several flaws. For example, your secure traffic can be observed when it is established over SSLv2.
We recommend disabling SSLv2 and replacing it with TLS 1.2 or higher. See the Remedy section for more details.
Configure your web server to disallow using weak ciphers.
httpd.conf:
SSLProtocol +TLSv1.2
In the nginx.conf file, remove SSLv3:
ssl_protocols TLSv1.2;
lighttpd:
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
ssl.openssl.ssl-conf-cmd = ("Protocol" => "-TLSv1.1, -TLSv1, -SSLv3") # v1.4.48 or up
ssl.ec-curve = "secp384r1"
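An added example, not part of the original advisory or Netsparker's own tooling: a small Python audit that reads Apache SSLProtocol, nginx ssl_protocols and lighttpd ssl.use-sslv2 / ssl.use-sslv3 lines and reports any that still enable SSLv2, SSLv3, TLS 1.0 or TLS 1.1. The function names, the sample configuration and the conservative expansion of "all" are assumptions made for this example.

```python
import re

LEGACY = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
# Assumption: "all" is expanded conservatively to every protocol, SSLv2 included,
# as on old Apache builds; newer builds drop SSLv2 from "all".
ALL = LEGACY | {"TLSv1.2", "TLSv1.3"}
CANON = {p.lower(): p for p in ALL}

def enabled_protocols(directive, args):
    """Protocols one directive leaves enabled, per its server's syntax."""
    if directive == "ssl_protocols":              # nginx: plain allow-list
        return {CANON.get(a.lower(), a) for a in args}
    enabled = set()                               # Apache: ordered +/- modifiers
    for tok in args:
        sign, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("=", tok)
        names = ALL if name.lower() == "all" else {CANON.get(name.lower(), name)}
        if sign == "-":
            enabled = enabled - names
        elif sign == "+":
            enabled = enabled | names
        else:
            enabled = set(names)
    return enabled

def audit(config_text):
    """Return (line number, directive, legacy protocols still enabled)."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip().rstrip(";").strip()
        m = re.match(r"(SSLProtocol|ssl_protocols)\s+(.+)", line)
        if m:
            weak = enabled_protocols(m.group(1), m.group(2).split()) & LEGACY
        else:                                     # lighttpd per-protocol switch
            m = re.match(r'(ssl\.use-sslv([23]))\s*=\s*"enable"', line)
            weak = {"SSLv" + m.group(2)} if m else set()
        if weak:
            findings.append((lineno, m.group(1), sorted(weak)))
    return findings

# Constructed sample: weak settings beside the page's hardened ones.
SAMPLE = """\
SSLProtocol all -SSLv3
SSLProtocol +TLSv1.2
ssl_protocols SSLv3 TLSv1 TLSv1.2;
ssl_protocols TLSv1.2;
ssl.use-sslv2 = "enable"
ssl.use-sslv2 = "disable"
"""

if __name__ == "__main__":
    for lineno, directive, weak in audit(SAMPLE):
        print(f"line {lineno}: {directive} still enables {', '.join(weak)}")
```

Run it against a copy of the server configuration before and after applying the remedy; an empty result means none of the audited directives leaves a legacy protocol enabled.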