No-Encryption-Found/EN/Consequence: Unterschied zwischen den Versionen
(Die Seite wurde neu angelegt: „Currently, your website is not protected against using an outdated TLS standard (protocol downgrade attacks) and against cookie hijacking. This allows an attac…“) |
|||
| Zeile 1: | Zeile 1: | ||
| − | Currently, your website is not protected against using an outdated TLS standard (protocol downgrade attacks) and against cookie hijacking. This allows an attacker to intercept and manipulate your user's communication. Using this information, an attacker could launch further attacks or spam your users with unwanted advertisements and malicious code. HTTP Strict Transport Security is an excellent feature to strengthen your site and its implementation of | + | Currently, your website is not protected against using an outdated [https://en.wikipedia.org/wiki/Transport_Layer_Security SSL/TLS] standard (protocol downgrade attacks) and against cookie hijacking. This allows an attacker to intercept and manipulate your user's communication. Using this information, an attacker could launch further attacks or spam your users with unwanted advertisements and malicious code. [https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security HTTP Strict Transport Security (HSTS)] is an excellent feature to strengthen your site and its implementation of TLS by forcing the user agent to use HTTPS. |
Aktuelle Version vom 6. Februar 2019, 15:55 Uhr
Currently, your website is not protected against using an outdated SSL/TLS standard (protocol downgrade attacks) and against cookie hijacking. This allows an attacker to intercept and manipulate your user's communication. Using this information, an attacker could launch further attacks or spam your users with unwanted advertisements and malicious code. HTTP Strict Transport Security (HSTS) is an excellent feature to strengthen your site and its implementation of TLS by forcing the user agent to use HTTPS.
