How to check the SSL security of your Nginx server
August 13, 2016 Comments
It's not easy to keep up with security updates and one of the most important updates to be aware of is the SSL security of your web server. Just in the past 2-3 years, there had been a bunch of very serious security vulnerabilities that were found in OpenSSL, such as Heartbleed, POODLE, and DROWN.
An easy way to check whether your web server is vulnerable is by using Qualys' SSL Server Test. Their tool does a very thorough evaluation of the SSL configuration on your web server. It gives you a rating and tells your of any issues it finds.
Also check out this sample Nginx configuration with improved security: https://gist.github.com/plentz/6737338