The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Beast TLS Vulnerability

Discussion in 'Security' started by grayloon, May 7, 2012.

  1. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    98
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    I did some searching, and I can't find any cPanel references for this vulnerability. Will the fix below work with cPanel?

    Mitigating the BEAST attack on TLS

    This is the vulnerability information from McAfee Secure:
     
  2. gkgcpanel

    gkgcpanel Well-Known Member

    Joined:
    Jun 6, 2007
    Messages:
    217
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    Yes, I too would like to know if this is easily fixable.

    Any news the cPanel team can share would be helpful.
     
  3. pravirock

    pravirock Registered

    Joined:
    May 17, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi , even Iam looking for this solution ..
    please update on this ..
     
  4. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    98
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    I still don't have a solution in place.
     
  5. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    98
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    Does anyone have a cPanel-specific fix?
     
  6. DomineauX

    DomineauX Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    414
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    I believe the following should work properly but have not had specific confirmation back from clients who had it flagged on their PCI scans:

    In WHM >> Apache Configuration >> Global Configuration:
    Change "SSL Cipher Suite" to the custom field and enter:
    "ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"

    In WHM >> Apache Configuration >> Include Editor:
    Add "SSLHonorCipherOrder On" to Pre VirtualHost Include - All Versions
     
  7. merlinpa1969

    merlinpa1969 Well-Known Member

    Joined:
    Dec 3, 2003
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    PA
    cPanel Access Level:
    Root Administrator
    it works as long as SM is not scanning any ports but 443 it will still fail on cPanel webmail ftp and so on
     
Loading...

Share This Page