1. Support Center
  2. SSL / TLS Vulnerabilities
  3. Vulnerabilities requiring reconfiguration

Enable TLS Encryption

There is no SSL/TLS encryption enabled on your server. All traffic to your web application is transported via unencrypted channels. This leaves your users vulnerable to man-in-the-middle attacks.

Security Assessment

Security_Assessment_EnableTLSEncryption

CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Vulnerability Information

There is no SSL/TLS encryption enabled on your server. All traffic to your web application is transported via unencrypted channels. This leaves your users vulnerable to man-in-the-middle attacks.

Guides

If you want to provide a secure way for your users to communicate with your web application. You should enable TLS encryption. Especially if any customer data is stored and a login with user credentials is offered, this shall in any case be offered. Enable TLS encryption by Configuring Trusted Certificates.

For more information about Crashtest Security visit crashtest-security.com