Check for anonymous encryption method
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
|Result positive||Anonymous key exchange not supported|
|Result negativ||Anonymous key exchange supported|
|Description||Your web server/website is configured to make connections using an insecure encryption method (cipher suite) without access rights control. This makes you vulnerable to man-in-the-middle-attacks.|
|Background||The term cipher suite stands for a collection of cryptographic methods (encryption of information). This collection contains the key exchange method, the signature method, the encryption, and cryptographic hash function. This combination of cryptographic components ensures that there is a secure connection for the communication between two parties, for example your browser and a web server or website. In the TLS protocol (Transport Layer Security), the (cipher suite (cryptographic method) determines which algorithms are used to establish a secure data connection, and it ensures that the connection is secure.|
|Consequence||Attackers can easily decode the communication between your web server and your visitor's browser, so-called man-in-the-middle-attacks. In this way, information such as passwords or credit card information can be intercepted and misused for criminal purposes.|
|Solution/Tips||If Anonymous key exchange supported was reported, deactivate support for anonymous key exchange in the encryption method settings. As a consequence of the known TLS vulnerabilities, the most important rule is to use TLS 1.2 whenever possible. SSL 3.0 should be disabled in the Browser.|