Our Assessment Activities

SSL Labs (this web site) is a non-commercial research effort, run by Qualys, to better understand how SSL, TLS, and PKI technologies are used in practice. Since 2009, we have been working on tools and documentation to assist system owners assess, troubleshoot, and improve their usage of SSL. We have also worked very hard to promote the importance of properly configured SSL servers for security.

Our scanning activities fall into 2 groups:

Our assessments are slow, non-intrusive, and do not consume significant resources. They are focused solely on the effective SSL configuration of public servers. The security of the web servers themselves is not investigated. We do not send any malicious or even malformed traffic. We never test for exploits.

We apologise for any inconvenience that our scans may be causing for you. If you have a problem with how we're scanning, please get in touch. We will be happy to adjust our scanning so that it does not bother you. If, on the other hand, you object to your public web servers being scanned, we will add you to our black list (consisting of IP addresses and/or domain names) and you will not be scanned again.