Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Beast TLS Vulnerability

Discussion in 'Security' started by grayloon, May 7, 2012.

  1. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    107
    Likes Received:
    2
    Trophy Points:
    68
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    I did some searching, and I can't find any cPanel references for this vulnerability. Will the fix below work with cPanel?

    Mitigating the BEAST attack on TLS

    This is the vulnerability information from McAfee Secure:
     
  2. gkgcpanel

    gkgcpanel Well-Known Member

    Joined:
    Jun 6, 2007
    Messages:
    214
    Likes Received:
    0
    Trophy Points:
    166
    cPanel Access Level:
    DataCenter Provider
    Yes, I too would like to know if this is easily fixable.

    Any news the cPanel team can share would be helpful.
     
  3. pravirock

    pravirock Registered

    Joined:
    May 17, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    Hi , even Iam looking for this solution ..
    please update on this ..
     
  4. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    107
    Likes Received:
    2
    Trophy Points:
    68
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    I still don't have a solution in place.
     
  5. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    107
    Likes Received:
    2
    Trophy Points:
    68
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    Does anyone have a cPanel-specific fix?
     
  6. DomineauX

    DomineauX Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    423
    Likes Received:
    7
    Trophy Points:
    168
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    I believe the following should work properly but have not had specific confirmation back from clients who had it flagged on their PCI scans:

    In WHM >> Apache Configuration >> Global Configuration:
    Change "SSL Cipher Suite" to the custom field and enter:
    "ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"

    In WHM >> Apache Configuration >> Include Editor:
    Add "SSLHonorCipherOrder On" to Pre VirtualHost Include - All Versions
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. merlinpa1969

    merlinpa1969 Well-Known Member

    Joined:
    Dec 3, 2003
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    PA
    cPanel Access Level:
    Root Administrator
    it works as long as SM is not scanning any ports but 443 it will still fail on cPanel webmail ftp and so on
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice