pfSense Firewall (latest firmware)
Our site has an A+ rating but has shown weak ciphers.
As far as I could tell, I had them all disabled via IISCrypto. (capture2.jpg) so I ignored them, however this morning our latest PCI scan failed due to
As noted, this shows in IICrypto as not enabled and yet it's being detected.
I don't really understand how that's possible.
Could there be an issue with ciphers on the firewall? I'm going to open a ticket with pfSense to inquire, but thought I'd ask here as well.