Unencrypted-Communication/EN

Aus Siwecos
Wechseln zu: Navigation, Suche

Check for NULL ciphers

Check Insecure NULL ciphers supported
Beschreibung Your web server/website is configured to allow unencrypted voice transmission via a secure channel. This makes you vulnerable to man-in-the-middle-attacks.
Hintergrund The term Cipher Suite stands for a group of cryptographic functions that includes the key exchange procedure, signature procedure, encryption and cryptographic hash functions. This combination of cryptographic components ensures a secure connection between two parties, such as your browser and a web server/website. In the TLS protocol (Transport Layer Security), the Cipher Suite determines which algorithms should be used to establish a secure data connection.
Auswirkung If no encryption is used, attackers can easily decode the communication between your website and your customer's browser. In this way, information such as passwords, data entered in forms, or credit card information can be intercepted and misused for criminal purposes.
Lösung / Tipps If Insecure NULL ciphers supported was reported, deactivate support for NULL encryption methods.