SSL Labs says SSL is vulnerable, gives grade F

Discussion on https://github.com/EasyEngine/easyengine/issues/729 to be continued here…

Something doesn’t match.

My sites using EE+LE all have grade A+.

1 Like

@janiosarmento How do you get around this?

This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B.

I never had faced such message. :-/

I figured it out.

Source: https://github.com/EasyEngine/easyengine/issues/661

Thanks for the reply though, it’s much appreciated. I’m now showing an A grade on SSL Labs.

I have tested website on Qualys ssl lab and get F rating with following error: This server is vulnerable to the OpenSSL Padding Oracle vulnerability (CVE-2016-2107) and insecure. Grade set to F.

I have updated openssl to 1.0.2h and also restart apache server but I am still getting an F rating .

@aankit_rathore – Did you adjust your configuration as per https://easyengine.io/tutorials/nginx/diffie-hellman-logjam-attack-fix/?

See: SSL Labs says SSL is vulnerable, gives grade F

brianjking — I have updated these changes, but still getting an F rating.

Have you restarted Nginx?

Please post your ssl.conf file so we can see if there are any issues. Usually it’s at /var/www/domain.com/conf/nginx/ssl.conf

It will really help if you post why it gives F, it usually highlights the issues right there in the report.

Yes i was restarted my server.

I am using Apache server not Nginx.

Apache? I thought EE supports only Nginx.

@aankit_rathore

This support forum for EE only. No Apache support. :slight_smile:

I am closing this discussion for now. If you need any help from community for EE or Nginx, feel free to create new topic.

Thanks,

2 Likes