Skip to content

How to Increase SSL Labs Score in Services? What Configurations Can Be Made to Get A+?

About

What is the SSL Labs Score?

SSL Labs is a tool that evaluates the security levels of websites and other online services. To achieve a high score, a web server's SSL/TLS configuration must be secure. This includes properly configured SSL/TLS certificates, strong encryption algorithms, support for the latest protocols, and the use of HTTP security headers. SSL Labs tests these features of the server and reports security weaknesses and improvement suggestions along with a rating. The highest score is A+, and the lowest is F.

On TR7 ASP, the SSL Security and the Manage HTTP Security Headers action can be used to achieve the highest scores in test environments like SSL Labs, significantly enhancing the security of your web applications.

Interface

SSL Labs Score Improvement

Step > 1 (SSL Security)

Follow the steps "Certificate > SSL Security > Add". Configure options such as the minimum and maximum SSL versions, and the encryption algorithms to be used, based on your needs, and click the "Add" button.

LOGO

Warning

The created SSL Security profile can be used in multiple vServices.

Step > 2 (Manage HTTP Security Headers)

Follow the steps "Traffic Manager > Traffic Manipulation > Actions > Add". In the opened screen, select Manage HTTP Security Headers as the Action Type, then from the Response Headers tab, select the desired headers such as HSTS, X-XSS-Protection, Remove Server Fingerprints and click the "Add" button to create the action.

LOGO

Warning

Selecting all HTTP Security Headers may cause instability in your service (e.g., CSS not loading properly). The values of the security headers can also be manually configured using the Add HTTP Header action.

LOGO

Step > 3

The editing screen of the relevant vService, for which the SSL Labs score is to be improved, is opened. First, under the Details tab, Actions is activated and the created action is selected. Then, SSL Security is activated, and the created SSL Security profile is selected.

Click the "Save" button to apply the changes.

LOGO