Website security should be one of your top concerns when it comes to maintaining your online presence. Here at Createful we always adhere to the best and most up to date security practices to give our clients peace of mind that their data is safe.

You might think that having an SSL certificate installed makes your site secure. While this is partly true,  the server still needs to be configured correctly to ensure it is not vulnerable to attacks.

One of the most recent vulnerabilities is Logjam. The vulnerability allows a man-in-the-middle style attack, which allows the attacker to exploit the connection and allow them to read data that is being exchanged. Heartbleed is another example of a recent vulnerability with SSL technology. This allowed an attacker to trick the server into sending them sensitive information such as private keys for encryption. If those are compromised, the entire server is compromised. Vulnerabilities such as these can be fixed simply by keeping the server up to date with the latest software.

It was for this reason we decided to team up with Qualys SSL Labs to create a WordPress plugin to automatically check your server’s SSL quality using the Qualys SSL Labs API and notify you if  the quality grade falls below a certain level. This will help you keep on top of any new security vulnerabilities and react more rapidly.

The free plugin allows the user to configure the time interval between scans, and the email address to which scan results are sent. The notifications are only sent if the the grading is below the level you specify.

You can also view the status in real time simply by using the view status screen. The plugin is available through WordPress and can be found in the WordPress plugin repository by searching for “SSL quality” or view the plugin page.

screenshot-1 screenshot-2 screenshot-3