How to Fix Windows Server SSL Vulnerabilities
How to Fix Windows Server SSL Vulnerabilities is required if you are developing an application using Visual Studio or any Microsoft tool. You have to make sure that you are not vulnerable to most obvious issue in SSL now a days like POODLE, Beast, Freak and Logjam. IIS Crypto is a very good application to fix most of the SSL vulnerabilities on a windows server. under given are the key features of this application:
- Single click to secure your site using best practices
- Stop logjam, FREAK, POODLE and BEAST attacks
- Easily disable SSL 2.0 and SSL 3.0
- Enable TLS 1.1 and 1.2
- Disable other weak protocols and ciphers
- Enable forward secrecy
- Reorder cipher suites
- FIPS 140-2 and PCI templates
Many people will surely ask a question that what actually IIS Crypto do, it will update the register settings of your system. It also updates the cipher suite order in the same way that the Group Policy Editor does. IIS Crypto has been tested on Windows Server 2003, 2008, 2008 R2 and 2012 and 2012 R2.
You can choose the PCI-DSS template if you are more concerned about the security of your server and want to protect it from many issues in SSL. You can also choose your own settings like removal of SSLv3 from your server along with removal of RC4 ciphers.
Note: After applying these settings you have to restart your server. Make sure you apply all these settings on a staging environment before implementing on a production server.
IIS Crypto is offered in both a GUI and a command line version. It runs on .Net 2.0 or 4.0. Click here to choose your version.
In order to test your website after fixation, please visit under given URL:
You can also test your website with SSLShopper.com website or ssllabs. The URL for SSLLabs.com to test your server is given as under:
Share your valuable comments.