Question about SSL Labs Results

[dannyny]

Hello!

Adding this to this thread because I got an error when trying to create a new post: Since it is in the same line:
Coming across some issues - I don't know if this is something I need to be concern about
maybe just giving you a heads up.
The information You gave me led me to these findings:

- Removed -

ssllabs/research

Is anything here I should be concern with. In the pass I have had a lot of sites - hacked
I do not know whether they got into through WP or somehow my site directly.
I am trying once again to get somethings set up and trying to avoid problems going forward.

Thank You for Your Time,
Daniel Rodgers

 

[cPanelLauren]

I use the same certificate on my personal server for the hostname and I receive an A rating.

I do notice a couple of things wrong with the certificate you're using:

1. The SAN or Alternate name for the www. subdomain has no A record
2. You're pointing out certificate 2 and this isn't whats bringing your grade down - generally speaking the second cert they reference doesn't support SNI
3. In the handshake simulation Android 2.3 doesn't support SNI this isn't related to the certificate it's an issue with the client which is extremely antiquated at this point
4. By default at this time the version of OpenSSL we're using doesn't utilize TLS 1.3 but TLS 1.2 is the standard right now.
5. Are you using the default cipher suite or have you made modifications to the SSL ciphers in the Apache configuration?

Is anything here I should be concern with. In the pass I have had a lot of sites - hacked
I do not know whether they got into through WP or somehow my site directly.
I am trying once again to get somethings set up and trying to avoid problems going forward.

I doubt any of this would lead to your sites being hacked, most commonly with WordPress sites the culprit is out of date or vulnerable plugins/themes.