Geekflare
[gtranslate]
Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
In Security  |  Last updated: November 28, 2022
Share on:
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

SHA-1 Security Vulnerability Scan and How to Fix

By
joomla security extension

SHA-1 (Secure Hash Algorithm) is a cryptographic hash function produces 160-bit hash value, and it’s considered weak.

It’s quite interesting to know  – there are 93 % of a website is vulnerable to SHA1 on the Internet.

Google has started gradually sunsetting SHA-1 and Chrome version 39 and later will indicate visual security warning on websites with SHA-1 SSL certificate with validity beyond 1st Jan 2016.

Web Administrator is busy with so many vulnerabilities this year like Freak Attack, Heartbleed, Logjam. Well, that’s how Web Security is evolving, and one of the challenging tasks for Web Security Administrator would be to keep up-to-date on one’s knowledge and act wisely on security vulnerabilities to secure Web Applications.

In this article, I will talk about how to check for SHA-1 vulnerability and how you can fix this.

Test SSL SHA-1 bug

One of the quickest ways to test if your website SSL is signed with SHA-1 would be to hit the following URL and enter the URL and click on Go.

URL: https://shaaaaaaaaaaaaa.com/

sha1-test

If it’s signed with SHA-1, you will get following dang

sha1-test-dang

else you will get a nice message.

sha1-test-nice

You may also check the following, which can help to check SHA-1.

Fix SSL SHA-1 bug

Fixing SHA-1 means you need to get an SSL certificate signed with SHA-2.

Some SSL cert providers can provide you a cert with SHA-2 signed, however, in most cases you would like to get the new SSL certificate signed and implement it.

To get SHA-2 certificate using OpenSSL

openssl req -new -sha256 -key example.key -out example.csr

You may also generate a certificate online on the following:

https://csrgenerator.com/

I hope now you know if your website SSL is SHA-1 signed and understood the procedure to fix this.

  • Chandan Kumar
    Author
    As the founder of Geekflare, I’ve helped millions to excel in the digital realm. Passionate about technology, I’m on a mission to explore the world and amplify growth for professionals and businesses alike.
Thanks to our Sponsors
More great readings on Security
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti
    Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Brightdata
    Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • Monday.com
    Monday.com is an all-in-one work OS to help you manage projects, tasks, work, sales, CRM, operations, workflows, and more.
    Try Monday
  • Intruder
    Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder