Hack with confidence.
Page ssl-misconfiguration.php is vulnerable to at least the following:

SSLStrip can be used to downgrade the connection when the Enforce SSL button is selected.