1. SSL/TLS Service Supports Weak Protocol
SSl missconfiguration
- Evidence
- Solution
- Impact = None
Upgrade http 1.1 to http2
- Evidence
- Solution
- Impact = None
2. Content Security Policy (CSP) Missing
Enabling CSP on Web Server
- Evidence
- Solution
- Impact = none
3. Website Does Not Implement HSTS Best Practices
Update hsts configuration
- Evidence
- Solution
- Impact = none
4. TLS Service Supports Weak Cipher Suite
Disable the cipher suites listed in the evidence column of the measurement.
- Evidence
- Solution
- Impact = old browser cannot open application