Back
Question
What sounds like actionable advice on improving SSL grade?
So, my product HTTPS Cop scans for SSL config and grades your SSL config. So when there is room for improvement or your SSL config is downright vulnerable to some sort of attack, what would you prefer as actionable advice?
-> Like, remove XX cipher and enable XXX cipher
-> Or Here is an SSL config that will get you A grade - links to nginx config, apache config etc
-> Like, remove XX cipher and enable XXX cipher
-> Or Here is an SSL config that will get you A grade - links to nginx config, apache config etc
π Join WIP to participate
I ended up providing my sample config file for getting "A" grade - gist.github.com/ashfame/27a1fβ¦