Invicti detected that insecure transportation security protocol (SSLv3) is supported by your web server.
SSLv3 has several flaws. An attacker can cause connection failures and they can trigger the use of SSL 3.0 to exploit vulnerabilities like POODLE.
Attackers can perform man-in-the-middle attacks and observe the encryption traffic between your website and its visitors.
Configure your web server to disallow using weak ciphers. You need to restart the web server to enable changes.
nginx.conf
file and remove SSLv3
.ssl_protocols TLSv1.2;regedt32
or regedit
, and then click OK.Server
or create if it doesn't exist.Server
key, locate a DWORD value named Enabled
or create if it doesn't exist and set its value to "0".We recommended to disable SSLv3 and replace it with TLS 1.2 or higher. See Remedy section for more details.
You can search and find all vulnerabilities