Rule from ssl under security category
Passmarked is made out of users just like you who helped supply some content. Click below to contribute to this rule. We need you.Add content to this rule
As the waves of time continue and more exploits are found in older technology, so must we constantly review cipher suites used by our servers.
Older and weaker ciphers put servers at risk of explotation and must be disabled. The following ciphers are considered bad and must be disabled:
Configure your web server to disable these protocols (normally by negating them in the server), to get started here is a recommended list of ciphers supporting older clients till XP:
Take note of the negated ciphers:
These are considered bad, and not matter which list of ciphers the server ends up using those must not be enabled.
Passmarked works best when you have an account. It allows you to keep a dashboard with saved data of the sites you have run through the system, we’ll alert you about important updates and you get access to the Passmarked Slack forum.Sign up to get started