The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Check Apache weak SSL/TLS Ciphers (SSLCipherSuite)

Discussion in 'EasyApache' started by crazyaboutlinux, Aug 18, 2009.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    we have installed csf firewall AND i have seen warning for Check Apache weak SSL/TLS Ciphers (SSLCipherSuite)
    Should we disable this option as mention above

    we are using
    cPanel 11.24.5-R37946
    WHM 11.24.2 - X 3.9
    CENTOS 5.3 i686 standard
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Nowadays, it's generally considered good practice to disable SSLv2 Cipher support and just rely on SSLv3.
     
  3. InstaCarma_Tech

    InstaCarma_Tech Well-Known Member

    Joined:
    Apr 22, 2009
    Messages:
    228
    Likes Received:
    1
    Trophy Points:
    18
    Disabling SSLv2 and other weak encryption methods is a great idea. More importantly, it is mandatory if you desire to get PCI Compliant in future.
     
Loading...

Share This Page