Get the latest news, developments & features on

THE ADGE BLOG

Qualys gives Adge an A+ score for its SSL implementation

October 15, 2014

At Adge we take security and transparency very seriously, striving to implement all security-related best practices to achieve the highest level of safety and encryption for our users.

We are pleased to share the results of our Qualys SSL Labs SSL Report:
View Results

Qualys rates the Adge SSL implementation as A+, their highest rating. To achieve this perfect score, IT teams must implement the latest certificate signature algorithms, protocols, headers and cipher suites.

Furthermore, in response to the disclosure of the latest SSL bug, the SSLv3 POODLE exploit, we have dropped support for the SSLv3 protocol.

For the geeks out there, Adge runs nginx and generally mirrors the SSL configuration used by Cloudfare. The Cloudflare team maintains a repository on github with their latest nginx configuration. As of October 15th, the config is:

ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers                 EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RSA+RC4:!MD5;
ssl_prefer_server_ciphers   on;

Sources:
https://github.com/cloudflare/sslconfig/blob/master/conf
http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html
https://blog.cloudflare.com/sslv3-support-disabled-by-default-due-to-vulnerability/

Return to Blog
The Adge App

Got an Adge Account?
Download the Adge App today!

Available on the App Store