Configuration Medium RC4 has known weaknesses and may be found to be broken in the future. Data confidentiality may be at risk. RC4 should not be prioritized as the most preferred cipher by the server. This can be changed in the server configuration settings. Mozilla has guidelines on server-side TLS configuration for a number of implementations. See link below. The HTTPS server would likely need to be restarted for configuration changes to take effect. Vega detected RC4 as a cipher prioritized by the vendor. RC4 has known issues and it is suspected that even more severe vulnerabilities may be unknown publicly. It is recommended that more secure ciphers be prioritized by the server. Consult the guidance provided by Mozilla in their Server Side TLS configuration guide. Server Side TLS (Mozilla) Biased outputs of the RC4 (Wikipedia) HTTPS (Wikipedia)