Vulnerabilities/

No HTTPS

Impact: Medium

Description

In HTTP communications, traffic is not encrypted and can be captured by an attacker who has access to a network interface.

Recommendation

Enable HTTPS and enforce using it.

References

👉 You might also like:

No Redirection from HTTP to HTTPS - Vulnerability

Basic Authentication Over HTTP - Vulnerability

BREACH attack - Vulnerability

Cookie without Secure Flag - Vulnerability

Last updated on February 15, 2021

Use SmartScanner Free version to test for this issue

Download