Get the most out of your Centmin Mod LEMP stack
Become a Member

SSL centminmod.com ssllabs dev tests 16/6/16

Discussion in 'Domains, DNS, Email & SSL Certificates' started by eva2000, Jun 16, 2016.

  1. eva2000

    eva2000 Administrator Staff Member

    54,868
    12,239
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,810
    Local Time:
    8:56 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Working on my HTTPS version of centminmod.com's sites HTTP/2 SSL configuration testing dual ECDSA+RSA ssl certificate support in Nginx 1.11 branch and running my site through ssllabs dev version online testing tool at SSL Server Test (Powered by Qualys SSL Labs)

    Results as at 16/6/16 which is almost 6 1/2 weeks since the OpenSSL CVE-2016-2107 vulnerability announcement. The dev.ssllabs.com tool can detect if your web site's web server is vulnerable and automatically give you a F rating if it is !

    Looking good, not A+ has i have HSTS disabled as I need to be able to test both HTTP & HTTPS version of my site and Centmin Mod LEMP stack's Nginx operation etc :)

    centminmod.com-ssllabs-00.png
    centminmod.com-ssllabs-01.png
    centminmod.com-ssllabs-02.png

    Unfortunately, alot of web servers online are still vulnerable to OpenSSL CVE-2016-2107 security flaw Companies Are Slow to Patch Latest OpenSSL Flaw


    You can use these online tools to test if your HTTPS enabled site are vulnerable or safe
    Example results

    centminmod.com-2107-00.png
    easyengine.io-2107-00.png
    vpssim.com-2107-00.png

    what sslllabs will report if you're vulnerable to OpenSSL CVE-2016-2107 which was announced more than 6 1/2 weeks ago !

    easyengine.io-ssllabs-00.png
    easyengine.io-ssllabs-01.png
    easyengine.io-ssllabs-02.png

    another example

    vpssim.com-ssllabs-00.png
    vpssim.com-ssllabs-01.png
    vpssim.com-ssllabs-02.png

    So folks be safe and make sure your web server is up to date and not vulnerable to OpenSSL CVE-2016-2107 which was fixed in OpenSSL 1.0.2h and LibreSSL 2.3.4+

    For Centmin Mod Nginx, the relevant threads are:
     
  2. Sunka

    Sunka Well-Known Member

    1,150
    325
    83
    Oct 31, 2015
    Pula, Croatia
    Ratings:
    +525
    Local Time:
    11:56 AM
    Nginx 1.17.9
    MariaDB 10.3.22
    Looking OK (y)

    a - 10-13-52.png
     
  3. eva2000

    eva2000 Administrator Staff Member

    54,868
    12,239
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,810
    Local Time:
    8:56 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+