The SSL Cipher Monitor is designed to regularly check and grade the ciphers enabled on your website. Ciphers are an attribute of the SSL certificate installed on your webserver and may be subject to known vulnerabilities such as ‘BEAST’ and ‘PANDA’.
This can also be used to ensure that the SSL configuration of your website is compliant against the Payment Card Industry Data Security Standard (PCI DSS).
How do I configure the SSL Cipher Monitor?
To configure a SSL Cipher Monitor, navigate to the Website that you want to configure the monitor on and then select “Website Overview” from the left blue menu.
From this screen you have the ability to enable the SSL Certificate, under “Security” on the right side of the page.
You can then see a Passing or Failing response depending upon what has been found by the Cipher scan along with a full list of the Ciphers and any issues identified.
Note: You can only enable the SSL Cipher Monitor for websites that have SSL enabled and have been added as HTTPS websites within the RapidSpike application.
Viewing SSL Data
Click the “View” button next to the SSL Cipher monitor on the “Website Overview” page. This will open a form where you can see your monitor’s details. You can then see a Passing or Failing response depending upon what has been found by the Cipher scan along with a full list of the Ciphers and any issues identified