AutoSSL compatibility with mod_http2

Discussion in 'Security' started by yagami_kira, Oct 9, 2017.

  1. yagami_kira

    yagami_kira Member

    I've been reading some information on the internet that the mod_http2 module can cause issues if the server is not using a strong SSLCipherSuite.

    Hypertext Transfer Protocol Version 2 (HTTP/2)

    I don't really understand what this means. I'm just using a free SSL that is included in cPanel (powered by Comodo) via AutoSSL. Since this is a free SSL, does it mean that I'm using weak CipherSuites and there's a strong likelihood that they're included in the black list?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

  3. yagami_kira

    yagami_kira Member

    Below is the cipher code provisioned by my VPS provider by default:

    ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH

    I've read the thread, but I'm not comfortable further changing the above cipher code, for fear of making our sites inaccessible to users.

    I believe the above cipher code is commonly used, but I can't find any information elsewhere on whether enabling HTTP2 on the server will cause browser issues if this default cipher code is retained?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Hello,

    I've not seen reports of any issues with HTTP2 when the default Apache cipher suite and protocols provided by cPanel are enabled, other than the thread linked in my last response. You may want to use the default cipher settings first, and then make adjustments if necessary.

    Thank you.
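
Added example, not part of the thread or of cPanel's code: the HTTP/2 specification (RFC 7540, Appendix A) black-lists TLS 1.2 suites that lack an ephemeral DHE/ECDHE key exchange or an AEAD cipher, and this Python code applies that rule to the suite a server would select for a given client. It assumes OpenSSL-style suite names and server-preference selection; the suite lists and function names are constructed for illustration.

```python
# Added example (not from the thread). Assumption: OpenSSL-style TLS 1.2 suite
# names, and a server that picks the first suite in its own order that the
# client also offers (server-preference selection).
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")
EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-")

def http2_verdict(suite):
    """Return (ok, reason) for one suite under the RFC 7540 Appendix A rule."""
    name = suite.upper()
    problems = []
    if not name.startswith(EPHEMERAL_PREFIXES):
        problems.append("key exchange is not DHE/ECDHE")
    if not any(marker in name for marker in AEAD_MARKERS):
        problems.append("cipher is not AEAD")
    return (not problems, "; ".join(problems) or "ephemeral key exchange with AEAD")

def negotiate(server_order, client_offer):
    """First suite in the server's order that the client also offers, or None."""
    offered = set(client_offer)
    return next((s for s in server_order if s in offered), None)

def check_h2(server_order, client_offer):
    """Return (selected_suite, ok_for_http2, reason) for one simulated handshake."""
    chosen = negotiate(server_order, client_offer)
    if chosen is None:
        return None, False, "no suite in common"
    ok, reason = http2_verdict(chosen)
    return chosen, ok, reason

# Constructed sample data, not taken from any real server or browser.
CLIENT_OFFER = ["ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-SHA384", "AES256-SHA"]
WEAK_FIRST = ["RC4-SHA", "AES256-SHA", "ECDHE-RSA-AES256-SHA384",
              "ECDHE-RSA-AES128-GCM-SHA256"]
STRONG_FIRST = ["ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-SHA384",
                "AES256-SHA", "RC4-SHA"]

if __name__ == "__main__":
    for label, order in (("weak first", WEAK_FIRST), ("strong first", STRONG_FIRST)):
        print(label, "->", check_h2(order, CLIENT_OFFER))
    for suite in STRONG_FIRST:
        print(f"{suite:32} {http2_verdict(suite)}")
```

The same set of enabled suites gives different results depending on order: with the weaker suites listed first the simulated handshake lands on a black-listed suite, while the AEAD-first order selects one HTTP/2 accepts.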
     