Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Question about SSL Labs Results

Discussion in 'Security' started by dannyny, Apr 4, 2019.

  1. dannyny

    dannyny Member

    Joined:
    Jan 12, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Central Islip, NY
    Hello!

    Adding this to this thread because I got an error when trying to create a new post: Since it is in the same line:
    Coming across some issues - I don't know if this is something I need to be concern about
    maybe just giving you a heads up.
    The information You gave me led me to these findings:

    - Removed -

    ssllabs/research

    Is anything here I should be concern with. In the pass I have had a lot of sites - hacked
    I do not know whether they got into through WP or somehow my site directly.
    I am trying once again to get somethings set up and trying to avoid problems going forward.

    Thank You for Your Time,
    Daniel Rodgers
     
    #1 dannyny, Apr 4, 2019
    Last edited by a moderator: Apr 6, 2019
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,814
    Likes Received:
    443
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    I use the same certificate on my personal server for the hostname and I receive an A rating.

    I do notice a couple of things wrong with the certificate you're using:

    1. The SAN or Alternate name for the www. subdomain has no A record
    2. You're pointing out certificate 2 and this isn't whats bringing your grade down - generally speaking the second cert they reference doesn't support SNI
    3. In the handshake simulation Android 2.3 doesn't support SNI this isn't related to the certificate it's an issue with the client which is extremely antiquated at this point
    4. By default at this time the version of OpenSSL we're using doesn't utilize TLS 1.3 but TLS 1.2 is the standard right now.
    5. Are you using the default cipher suite or have you made modifications to the SSL ciphers in the Apache configuration?
    I doubt any of this would lead to your sites being hacked, most commonly with WordPress sites the culprit is out of date or vulnerable plugins/themes.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice