SSL Labs have a
free test that will analyse an SSL-secured site and offer advice on how to improve it. There are currently a couple of attacks against common / mainstream configurations of SSL.
At the moment the only way to prevent the BEAST attack is to use RC4 ciphers. Unfortunately, RC4 is now in the 'looking shaky' camp, but this is a case of trading off a theoretical weakness against a practical exploit.
They also offer a free best practice guide on SSL deployment. If you have an SSL site check it out!
This Post was from: https://www.impresscms.org/iforum/viewtopic.php?topic_id=5441&post_id=48176