Certificate rating error
bbtest.net
Actions
Server rating error
Malware scan error
Vulnerability scan error
bbtest.net
Actions
Tuesday 17, Jan 2016
View details
View details
View details
View details
Website security view color coding spec
Issue has been found
If any issue has been found, we use a red stroke and unlocked icon
Unknown if there are issues
If we cannot reliably determine issues have been found, then we use an open padlock with question mark icon
No issues found
Locked padlock if no issues are found
Server security
Site trust and malware
Vulnerability assessment
3
3
3
Server security
• IF there are any critical issues use red dot
• IF there are only non-critical issues use orange dot
• IF there are no issues there will be no dot
Certificate security
Certificate security
3
• If the security rating is failed or not secure dot should be red
• If the rating is at risk it should be orange
• If the rating is secure - no dot
Tables
Server security
Certificate security
• IF there are any critical issues use red line
• IF there are non-critical issues use orange line
• IF there are no issues there will be no color
10.212.215.201
22
Critical
Outdated cipher algorithm, weak session key size
CRIME, POODLE
2
10.212.245.215
143
Non-critical
Weak session key size, Outdated TLS / SSL protocol
BEAST, POODLE
1
10.212.245.216
110
Secure
None
None
2
• IF there are any failed or not secure ratings use red line
• IF there are at risk ratings use orange line
• IF the rating is secure or very secure don't use color
10.212.130.249
443
buy.bbest.net
Failed
Expired
10.212.130.249
80
www.bbest.net
At risk
Valid
10.212.245.215
143
shop.bbtest.net
Secure
Valid
Site trust and vulnerability tabs
IF there are any issues found they get a red line.
Malware found
The trust seal and seal-in-search have been turned off.
Issue found on 2017-Jan-24
Site trust status:
Compromised
Malware found
Location
Malware type
Actions
bbtest.net/buy
Security warning in the URL
View malware code
Instances found
2
Know spam detected
Issue found on 2017-Jan-24
Status:
Not secure
Server security details
BEAST
Issue found on 2017-Jan-24
SWEET32
Lorem ipsum dolar simet etc.
Issue found on 2017-Jan-24
Header icon
• IF there are any issues found the padlock is unlocked
• IF there are no issues found it's locked
• IF the security is unknown padlock would be open with ? mark
Issues found
Critical issues get a red line
Non critical get orange
Certificate security details
Summary
Certificate status
Certificate and chain attributes
Security risk
3
3
6
Overall rating:
At risk
Tabs
• IF the overall category rating is failed or not secure, dots should be red
• IF the overall category rating is at risk dot should be yellow
• IF the overall category rating is secure or very secure there would be no dot
•
Details inside tabs
Overall rating
• IF the overall rating is failed or not secure, dots should be red
• IF the overall rating is at risk dot should be yellow
• IF the overall rating is secure or very secure there would be no dot
Each issue
Make sure that all intermediate CA certificates in the chain use the SHA-256 hash algorithm. Modern browsers do not trust certificates that use SHA-1.
Geotrust Global GA (Intermediate CA) rating
CA key strength
RSA 2048
Hash algorithm strength
SHA1
Expiration date
2017-Dec-31-Valid
-
• Critical/failed issues would have a red line
• Non-critical/at risk issues would get orange line
bbtest.net
Actions
Turn on malware scanning
Turn on vulnerability assessment
Server issues
0
Tuesday 17, Jan 2016
Certificate issues
3
Tuesday 17, Jan 2016
Summary view
Detail view - FQDN (Page/Module header)
Dashboard > Website security > Details
bbtest.net
Set security alert preferences
Dashboard > Website security > Details
bbtest.net
Set security alert preferences
Dashboard > Website security > Details
bbtest.net
Set security alert preferences
Issue has been found
Unknown if there are issues
no issues found
This icon would get the same treatment as the icons defined for summary view.
Tabs
If there is any malware found, or site trust has been comprimised, the dots would be red.
Site trust and Malware + Vulnerability assessment