Author Topic: Scansite with vulnerable encryption settings...insecure connection alerted!  (Read 892 times)

polonus
Nothing alerted here: https://www.virustotal.com/#/url/de2be47a0ba75f3048efe01c052b38287a6a5652b9433c71036a583c6799eef4/detection

Re: Warnings
RC4
Your server's encryption settings are vulnerable. This server uses the RC4 cipher algorithm which is not secure.
Disable the RC4 cipher suite and update the web server to support the Advanced Encryption Standard (AES) cipher algorithm. Contact your web server vendor for assistance.
Certificate Transparency: Not embedded in certificate.
Comodo RSA chain, tested cert. on DFW datacenter servers, USA.

F-Grade status with recommendations and various issues: https://observatory.mozilla.org/analyze.html?host=scanurl.net
Excessive headers warning:
Server: Apache
X-Powered-By: PHP/5.5.38

Cookies not flagged as "HttpOnly" may be read by client-side script and are at risk of being interpreted by a cross-site scripting (XSS) attack. Whilst there are times where a cookie set by the server may be legitimately read by client script, most times the "HttpOnly" flag is missing it is due to oversight rather than by design.
Result
It looks like a cookie is being set without the "HttpOnly" flag being set (name : value):

PHPSESSID : f02c3ebb80603c9f1e8b231cf1218066

Unless the cookie legitimately needs to be read by JavaScript on the client, the "HttpOnly" flag should always be set to ensure it cannot be read by the client and used in an XSS attack.

Cookies served over HTTPS but not flagged as "secure" may be sent over an insecure connection by the browser. Often this may be a simple request for an asset such as a bitmap file but if it's on the same domain as the cookie is valid for then it will be sent in an insecure fashion. This poses a risk of interception via a man in the middle attack.

Session cookie set without using the Secure flag or set over http:
Result
It looks like a cookie is being served over HTTPS without the "secure" flag being set (name : value):

PHPSESSID : f02c3ebb80603c9f1e8b231cf1218066
Unless the cookie needs to be sent over an insecure connection, the "secure" flag should always be set to ensure it can only be sent with an HTTPS request. Re: https://webcookies.org/cookies/scanurl.net/8860386

Mediocre score results of 49% -> https://en.internet.nl/domain/scanurl.net/95509/

OK: http://retire.insecurity.today/#!/scan/1321377c4c5436f60ed9e48ff2a42927cc7b2c5aadba896b3e8cd7a9d34e0b5b

DNS: The following nameservers did not respond to my query:
-ns2.tera-byte.com.
-ns1.tera-byte.com.
detected 2 stealth nameservers:
-ns2.tera-byte.com.
-ns1.tera-byte.com.

Your nameservers are on the same Class C IP range. This is very bad if you want to be found in the case of outage, or even worse, problems!

IP risk report: http://toolbar.netcraft.com/site_report?url=http://216.194.64.193

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
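An added example (not part of polonus's post or any of the scanners he links) showing how the two cookie findings and the excessive-headers warning above can be checked from a captured HTTP response: it parses each Set-Cookie header for the HttpOnly and Secure attributes and flags version-disclosing headers such as Server and X-Powered-By. The response headers and the session id are constructed sample data, not the ones from the scan.

```python
"""Audit HTTP response headers for missing cookie flags and version disclosure."""

# Constructed sample response modelled on the scan results above.
# The PHPSESSID value is a placeholder, not the id reported in the post.
SAMPLE_HEADERS = [
    ("Server", "Apache"),
    ("X-Powered-By", "PHP/5.5.38"),
    ("Set-Cookie", "PHPSESSID=0123456789abcdef; path=/"),
    ("Set-Cookie", "prefs=dark; Path=/; Secure; HttpOnly; SameSite=Lax"),
]

# Headers that reveal server software or versions (the "excessive headers" class).
DISCLOSURE_HEADERS = {"server", "x-powered-by", "x-aspnet-version"}


def parse_set_cookie(value):
    """Split a Set-Cookie value into (name, value, {attribute: value}).

    Attribute names are lower-cased; flag attributes such as Secure map to "".
    """
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), cookie_value.strip(), attrs


def audit_headers(headers, served_over_https=True):
    """Return a list of findings for the given (name, value) header pairs."""
    findings = []
    for name, value in headers:
        lname = name.lower()
        if lname in DISCLOSURE_HEADERS and value.strip():
            findings.append(f"{name}: {value} discloses server software")
        elif lname == "set-cookie":
            cname, _, attrs = parse_set_cookie(value)
            if "httponly" not in attrs:
                findings.append(f"cookie {cname} set without HttpOnly")
            # The Secure flag only matters when the cookie travels over HTTPS.
            if served_over_https and "secure" not in attrs:
                findings.append(f"cookie {cname} set over HTTPS without Secure")
    return findings


if __name__ == "__main__":
    for finding in audit_headers(SAMPLE_HEADERS):
        print(finding)
```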