
Configuring uberagent.com for an A+ SSL Security Rating

  • by Helge Klein
  • November 24, 2016

Securing all communication on the internet is becoming increasingly important. We switched all our sites to HTTPS-only years ago, but simply enabling HTTPS is not enough. The configuration needs to be carefully tuned in order to really be secure.

Qualys Labs SSL Server Test

A great way to check a website’s SSL/TLS configuration is the Qualys Labs SSL server test. With recent improvements and a brand-new certificate from DigiCert, we are very happy about the A+ rating for uberagent.com in that test.

[Image: SSL report for uberagent.com]

Webserver Configuration

In case you are interested in the webserver’s configuration: Helge explains how to set up and configure a secure webserver for WordPress in this blog post. The article includes detailed SSL/TLS configuration instructions. Some key points to remember:

  • Disable SSLv2 and SSLv3: those protocols are old and have security issues. Every existing browser supports at least one variant of TLS, so there is no reason to keep SSL enabled.
  • Use the optimal SSLCipherSuite string: many different encryption algorithms are available for HTTPS/TLS. While we want to make sure older devices are supported, too, we want to use the strongest possible encryption with every device. That is why not only the content but also the order of the cipher suites is important.
  • Enable HTTP Strict Transport Security (HSTS): this tells the browser to only use encrypted connections for a website and never even try unencrypted HTTP.
  • Set a content security policy: this configures where website content may be loaded from.
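
The four key points above can be checked mechanically against a server configuration. The following Python audit is an added example, not code from the original post or from uberagent.com's server; it assumes Apache-style directives (the page names `SSLCipherSuite`), and the two sample configurations, the cipher list and the header values are constructed for illustration.

```python
import re
import shlex

# Constructed sample configs for illustration; not uberagent.com's real settings.
WEAK = "SSLProtocol all\nSSLCipherSuite ALL:!aNULL\n"
HARDENED = """
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
Header always set Content-Security-Policy "default-src 'self'"
"""
LEGACY = {"sslv2", "sslv3"}

def parse(conf):
    """Map each directive (lowercased) to the argument lists of its occurrences."""
    out = {}
    for line in conf.splitlines():
        tokens = shlex.split(line, comments=True)  # also drops '#' comments
        if tokens:
            out.setdefault(tokens[0].lower(), []).append(tokens[1:])
    return out

def enabled_legacy(args):
    """Evaluate SSLProtocol tokens in order; 'all' is assumed to include SSLv2/v3."""
    on = set()
    for tok in map(str.lower, args):
        if tok.startswith("-"):
            on.discard(tok[1:])
        else:
            on |= LEGACY if tok == "all" else {tok.lstrip("+")}
    return on & LEGACY

def audit(conf):
    """Return which of the article's four key points the config misses."""
    d, headers = parse(conf), {}
    for args in d.get("header", []):
        low = [t.lower() for t in args]
        if "set" in low[:-2]:  # Header [condition] set <name> <value>
            headers[low[low.index("set") + 1]] = args[low.index("set") + 2]
    hsts = re.search(r"max-age=(\d+)", headers.get("strict-transport-security", ""))
    honor = " ".join(d.get("sslhonorcipherorder", [[]])[-1]).lower()
    checks = {  # a missing SSLProtocol line is treated like 'all' (conservative)
        "SSLv2/SSLv3 not disabled": bool(enabled_legacy(d.get("sslprotocol", [["all"]])[-1])),
        "cipher list or server-side order not set": "sslciphersuite" not in d or honor != "on",
        "HSTS missing or max-age=0": not hsts or int(hsts.group(1)) == 0,
        "Content-Security-Policy missing": "content-security-policy" not in headers,
    }
    return [msg for msg, failed in checks.items() if failed]
```

`audit(WEAK)` reports all four points, while `audit(HARDENED)` returns an empty list.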

Free Certificates from Let’s Encrypt

Webserver certificates have been quite expensive traditionally. The associated cost is by far the most important reason why most sites’ admins did not bother offering HTTPS. However, people’s mindsets are changing and security is being considered more and more important. A very welcome recent development is the creation of Let’s Encrypt, a free, automated and open certificate authority.

There really isn’t any reason anymore not to switch your site to HTTPS only.

About uberAgent

uberAgent is an innovative Windows and macOS user experience monitoring (UXM) and endpoint security analytics (ESA) product. UXM highlights include detailed information about boot and logon duration, application unresponsiveness detection, network reliability drill-downs, process startup duration, application usage metering, browser performance, web app metrics, and Citrix insights. ESA comes with a sophisticated activity monitoring engine, the uAQL query language, detection of risky activity, DNS query monitoring, hash calculation, registry monitoring, and Authenticode signature verification.

About vast limits

vast limits GmbH is the company behind uberAgent, the innovative user experience monitoring and endpoint security analytics product. vast limits’ customer list includes organizations from industries like finance, healthcare, professional services, and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.
