SSL Frontend Vulnerability

thtechqaacb69d

Hi, we found SSL Frontend Vulnerability from security scan result that says:

One or more secure URL checks failed: Your installation's login page does not use SSL. One or more secure URL checks returned unknown results: We were not able to detect if your installation's checkout page uses SSL.http://mjp-upgrade.uat.hosting.acommerce.asia/customer/account/login
Checkout page http://mjp-upgrade.uat.hosting.acommerce.asia/checkout/onepage redirects to a non-checkout page.

We dont find the same issue in the Production env. Both staging & Prod envs have the same config. Anyone has any ideas or recommendations?

dravenlock48ba

if both staging and production environments have the same config but only staging is flagging this vulnerability yoiu can check for any differences in how SSL is being enforced (like .htaccess rules, server-level settings, or CDN behavior). plus make sure staging has a valid SSL certificate and isn’t using a self signed one that could throw off the scan.

SSL Frontend Vulnerability

SSL Frontend Vulnerability

Re: SSL Frontend Vulnerability