Issues on site detected?

See: https://asafaweb.com/Scan?Url=https%3A%2F%2Fwww.achel.org%2Flogin%2Findex.cfm
→ <customErrors mode=“RemoteOnly” defaultRedirect=“~/Error”
Excessive header warning:
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Secure cookie warning: Result
It looks like 2 cookies are being served over HTTPS without the “secure” flag being set (name : value):

CFID : 1056621
CFTOKEN : b8270e09cc770341-29437CDA-D50E-9717-C57199C0209BCD3A
Unless the cookie needs to be sent over an insecure connection, the “secure” flag should

pol

No alerts on that website for me. :slight_smile:

Bitdefender TrafficLight detects.
Zulu Zscaler thinks otherwise: http://zulu.zscaler.com/submission/show/ccc0f3e72b48c49352ce22008612e5e4-1392934273
htxp://achel.org/login/index.cfm (302 Moved Temporarily)
hxtps://www.achel.org/login/index.cfm (302 Moved Temporarily)
See: http://jsunpack.jeek.org/?report=42fbeefa938dc3cb8d020abe46fe2254edba7653
and http://jsunpack.jeek.org/?report=e70ca9a7e20d3c1f2e26b7fc6e13590ab73ec746

error in script: error: line:7: SyntaxError: missing ; before statement:
error: line:7: Hide script from older browsers
error: line:7: …^
error: line:5: SyntaxError: missing = in XML attribute:
error: line:5:
error: line:5: …^

polonus