Weak SSL/TLS Configuration
Gixy Check ID: weak_ssl_tls
Overview
The weak_ssl_tls plugin detects insecure SSL/TLS configurations that may compromise the security of encrypted connections. This includes outdated protocols, weak cipher suites, and client-driven cipher selection.
What it detects
1. Insecure TLS Protocols
Detects use of deprecated protocols that are vulnerable to attacks:
| Protocol | Status | Vulnerabilities |
|---|---|---|
| SSLv2 | ❌ Insecure | Multiple critical flaws |
| SSLv3 | ❌ Insecure | POODLE attack |
| TLSv1.0 | ❌ Insecure | BEAST, POODLE, CRIME |
| TLSv1.1 | ❌ Insecure | Weak ciphers, no AEAD |
| TLSv1.2 | ✅ Secure | Use with strong ciphers |
| TLSv1.3 | ✅ Secure | Modern, recommended |
2. Weak Cipher Suites
Detects cipher suites that should be avoided:
- NULL ciphers - No encryption at all
- EXPORT ciphers - Intentionally weakened (40-56 bit)
- DES/3DES - Vulnerable to Sweet32 attack
- RC4 - Broken stream cipher
- Anonymous ciphers (ADH/AECDH) - No authentication
- MD5-based ciphers - Weak hash function
3. Server Cipher Preference
Detects when ssl_prefer_server_ciphers is disabled, allowing clients to choose potentially weaker ciphers.
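The three checks above can be sketched in a few lines of Python. This is an added example, not Gixy's own plugin code: the names `audit_tls` and `directive`, the regex-based directive extraction (a stand-in for a real nginx parser), the wording of the third finding, and the sample config are all assumptions made for illustration.

```python
import re

INSECURE_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
# Components of OpenSSL cipher strings that map to the weak families listed above.
WEAK_COMPONENTS = {"NULL", "ANULL", "ENULL", "EXPORT", "EXP", "DES", "3DES",
                   "CBC3", "RC4", "ADH", "AECDH", "MD5"}

# Sample config constructed for this example.
SAMPLE = """
server {
    listen 443 ssl;
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;  # legacy clients
    ssl_ciphers ALL:RC4:DES:3DES:!MD5;
    ssl_prefer_server_ciphers off;
}
"""

def directive(conf, name):
    """Return the argument list of every `name ...;` directive (comments stripped)."""
    conf = re.sub(r"#.*", "", conf)
    pattern = rf"(?:^|(?<=[;{{}}]))\s*{name}\s+([^;]+);"
    return [m.split() for m in re.findall(pattern, conf, re.M)]

def audit_tls(conf):
    findings = []
    for args in directive(conf, "ssl_protocols"):
        bad = [p for p in args if p in INSECURE_PROTOCOLS]
        if bad:
            findings.append("Insecure protocols enabled: " + ", ".join(bad))
    for args in directive(conf, "ssl_ciphers"):
        weak = []
        for item in "".join(args).strip("'\"").split(":"):
            if item.startswith(("!", "-")):  # excluded entries are not offered
                continue
            # Compare whole components so "DES" never matches inside "AES128".
            if WEAK_COMPONENTS & set(re.split(r"[-+]", item.upper())):
                weak.append(item)
        if weak:
            findings.append("Weak ciphers found: " + ", ".join(weak))
    # Only an explicit "off" is reported here; an absent directive is not.
    for args in directive(conf, "ssl_prefer_server_ciphers"):
        if args == ["off"]:
            findings.append("ssl_prefer_server_ciphers is off")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_tls(SAMPLE)))
```

Entries prefixed with `!` or `-` are skipped because they remove ciphers from the list rather than offering them.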
Examples
❌ Bad: Insecure protocols enabled
```nginx
server {
    listen 443 ssl;
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; # SSLv3, TLSv1, TLSv1.1 are insecure
}
```
Insecure protocols enabled: SSLv3, TLSv1, TLSv1.1
❌ Bad: Weak ciphers
```nginx
server {
    listen 443 ssl;
    ssl_ciphers ALL:RC4:DES:3DES; # Includes weak ciphers
}
```
Weak ciphers found: RC4, DES, 3DES
✅ Good: Secure configuration
```nginx
server {
    listen 443 ssl;
    # Modern protocols only
    ssl_protocols TLSv1.2 TLSv1.3;
    # Mozilla Intermediate cipher suite
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    # Server chooses cipher
    ssl_prefer_server_ciphers on;
    # HSTS is checked by the dedicated `hsts_header` plugin.
}
```
Recommended Configuration
Based on Mozilla's SSL Configuration Generator. Both profiles set ssl_prefer_server_ciphers off, as the generator does, because every cipher they offer is strong, so letting the client choose among them does not weaken the connection.
Intermediate Configuration (Recommended)
```nginx
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
```
Modern Configuration (TLSv1.3 only)
```nginx
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers off;
```
Why This Matters
Weak SSL/TLS configurations expose your server to:
- POODLE Attack (SSLv3) - Allows decryption of secure connections
- BEAST Attack (TLSv1.0) - Allows decryption of HTTPS cookies
- Sweet32 Attack (3DES) - Allows recovery of plaintext from long connections
- RC4 Bias - Allows plaintext recovery from encrypted streams
- Downgrade Attacks - Force use of weaker protocols
Testing Your Configuration
Use these tools to verify your SSL/TLS configuration:
- SSL Labs Server Test
- Mozilla Observatory
- `openssl s_client -connect yoursite.com:443`