Research on Security Vulnerability of SSL/TLS Protocol Configuration in Web Sites
Abstract:

The SSL/TLS protocol is one of the most widely used security protocols for communication security and identity authentication, and it plays a very important role in ensuring the security of information systems. However, because of the complexity of SSL/TLS, web sites are prone to security vulnerabilities when implementing and deploying it: code implementation vulnerabilities, deployment configuration defects, and certificate and key management problems. These problems are common in web sites and have caused many network security incidents affecting a large number of sites. The existing methods for analyzing and detecting web security cannot meet this need: there are very few tools in this field, and they tend to focus on only certain aspects; moreover, the problems need further exploration to obtain more detailed analysis and recommendations. In this paper, we design and implement a detection system that tests the SSL/TLS protocol deployment of web sites. The system performs vulnerability scanning and analysis from three aspects: basic protocol configuration, cipher suite support, and typical attack tests. We use it to scan the Alexa top 1 million web sites and give detailed statistics and analysis. We find that the unsafe cipher suite 3DES is widely supported and that the support rate of the critical extension OCSP Stapling is less than 25%. More seriously, many sites are still vulnerable to the Heartbleed attack and have many other serious problems. Finally, solutions or suggestions are given for the main problems found in the scan results.
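The abstract describes an audit along three aspects (protocol configuration, cipher suite support, attack tests) and singles out 3DES support, missing OCSP stapling and Heartbleed. The following is an added example, not the paper's scanner: it turns one host's scan record into a findings list. The record layout, the deprecated-protocol set and the weak-suite name patterns are assumptions of this example.

```python
import re
from typing import Dict, List

# Protocol versions treated as unsafe in this audit (assumption of this example).
DEPRECATED_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1.0"}

# OpenSSL-style suite-name fragments that identify a weak primitive.
WEAK_SUITE_PATTERNS = {
    "3DES": re.compile(r"3DES|DES-CBC3"),  # 64-bit block cipher
    "RC4": re.compile(r"RC4"),
    "EXPORT": re.compile(r"EXP"),
    "NULL": re.compile(r"NULL"),
    "MD5": re.compile(r"MD5"),
}

def weak_cipher_suites(suites: List[str]) -> Dict[str, List[str]]:
    """Group the offered suites by the weak primitive they contain."""
    grouped: Dict[str, List[str]] = {}
    for suite in suites:
        for reason, pattern in WEAK_SUITE_PATTERNS.items():
            if pattern.search(suite):
                grouped.setdefault(reason, []).append(suite)
    return grouped

def analyse_scan(result: dict) -> List[str]:
    """Turn one host's scan record into a list of findings, one per problem."""
    findings: List[str] = []
    for proto in result.get("protocols", []):
        if proto in DEPRECATED_PROTOCOLS:
            findings.append(f"deprecated protocol enabled: {proto}")
    for reason, suites in weak_cipher_suites(result.get("cipher_suites", [])).items():
        findings.append(f"weak cipher suite ({reason}): {', '.join(suites)}")
    if not result.get("ocsp_stapling", False):
        findings.append("OCSP stapling not supported")
    for attack, vulnerable in result.get("attack_tests", {}).items():
        if vulnerable:
            findings.append(f"vulnerable to {attack}")
    return findings

# Constructed sample record for one host; not real scan data.
SAMPLE_RESULT = {
    "protocols": ["TLSv1.0", "TLSv1.1", "TLSv1.2"],
    "cipher_suites": ["ECDHE-RSA-AES128-GCM-SHA256", "DES-CBC3-SHA", "RC4-MD5"],
    "ocsp_stapling": False,
    "attack_tests": {"Heartbleed": True, "POODLE": False},
}

if __name__ == "__main__":
    for line in analyse_scan(SAMPLE_RESULT):
        print(line)
```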

Citation:
胡仁林, 张立武. Research on Security Vulnerability of SSL/TLS Protocol Configuration in Web Sites. 计算机系统应用 (Computer Systems & Applications), 2017, 26(10): 124-132

History
  • Received: January 22, 2017
  • Online: October 31, 2017
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-3