top of page

Weak HTTPS Ciphers? There is an app for that

  • Writer: Jeremy Druin
    Jeremy Druin
  • Feb 22, 2021
  • 1 min read

HTTPS connection depend on the underlying cryptopgraphic algorithms that are available to the web server. Also, the web server configuration decides which ciphers are exposed to the customer. Many sites are set up with default configurations. This can unintentionally enable weak encryption algorithms.


It is easier than you might think to check which ciphers are running on your web server. Even if the site is not on the Internet, you can check the HTTPS configuration with SSLScan and use the results to find weak ciphers. Check out these videos that will help you get started.







Comments


© 2014-2025 by Ellipsis Information Security LLC

  • Twitter Metallic
  • LinkedIn App Icon
  • YouTube Long Shadow
bottom of page