How to interpret SSL/TLS test results

Question

Hi, everyone,
We've checked recently our website (stopdrugs.info) using SSL/TLS security test. The report here revealed a lot of errors and vulnerabilities with overall grade B-. But now I don't know what to do with these results. Can anyone just make some short hints if there are any critical errors which are really essential for our website security. 
Thank you in advance.&nbsp;

eben · Answer

It means some of the cipher suites that are active are not PCI/HIPAA/NIST compliant. You could manually disable this set of cipher suites from your client ssl profile.This 
Resource will come handy.&nbsp;
Secondly your websites calls third party resources using HTTP and not HTTPS.
Resolving this should take you from a B- to A.&nbsp;
HTH&nbsp;

eben_259100 · Answer

It means some of the cipher suites that are active are not PCI/HIPAA/NIST compliant. You could manually disable this set of cipher suites from your client ssl profile.This 
Resource will come handy.&nbsp;
Secondly your websites calls third party resources using HTTP and not HTTPS.
Resolving this should take you from a B- to A.&nbsp;
HTH&nbsp;

dimitrirosto_35 · Answer

Thank you, I will try.&nbsp;

dimitrirosto_35 · Answer

Thank you, I will try.&nbsp;

Forum Discussion

How to interpret SSL/TLS test results

4 Replies

Recent Discussions

F5 Rseries R2600 Tenant sizing

iRule help masking IBM host URL/URI

Need advise to setup a policy on F5

Advise on setting up IRULE

Help with URL Masking

Related Content

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

TLS Fingerprinting to profile SSL/TLS clients without decryption

CLIENT_HELLO SSL TLS version insert

F5 Server SSL Profile using TLS 1.0 instead of TLS 1.2

SSL Profiles Part 11: TLS Optimization