How to interpret SSL/TLS test results

Question

Hi, everyone,
We've checked recently our website (stopdrugs.info) using SSL/TLS security test. The report here revealed a lot of errors and vulnerabilities with overall grade B-. But now I don't know what to do with these results. Can anyone just make some short hints if there are any critical errors which are really essential for our website security. 
Thank you in advance.&nbsp;

eben · Answer

It means some of the cipher suites that are active are not PCI/HIPAA/NIST compliant. You could manually disable this set of cipher suites from your client ssl profile.This 
Resource will come handy.&nbsp;
Secondly your websites calls third party resources using HTTP and not HTTPS.
Resolving this should take you from a B- to A.&nbsp;
HTH&nbsp;

eben_259100 · Answer

It means some of the cipher suites that are active are not PCI/HIPAA/NIST compliant. You could manually disable this set of cipher suites from your client ssl profile.This 
Resource will come handy.&nbsp;
Secondly your websites calls third party resources using HTTP and not HTTPS.
Resolving this should take you from a B- to A.&nbsp;
HTH&nbsp;

dimitrirosto_35 · Answer

Thank you, I will try.&nbsp;

dimitrirosto_35 · Answer

Thank you, I will try.&nbsp;

Forum Discussion

How to interpret SSL/TLS test results

4 Replies

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

SSL Forward Proxy, iRules and Client Hello

monitor/healthcheck issue with envoy gateway

Recommendation for Adv. Lab

How to Verify config before loading to F5

Related Content

F5 BIG-IP Virtual Patching With Web App Scanning Results

TLS Fingerprinting to profile SSL/TLS clients without decryption

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

SSL Profiles Part 11: TLS Optimization

F5 Server SSL Profile using TLS 1.0 instead of TLS 1.2

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS