Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

disable SSL 2.0 and use SSL 3.0

Discussion in 'Security' started by dvolsysop, Jan 8, 2010.

  1. dvolsysop

    dvolsysop Registered

    Nov 4, 2005
    Likes Received:
    Trophy Points:
    On a PCI compliance scan...

    The remote service encrypts traffic using a protocol with known weaknesses. Description : The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients. See also : Solution: Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. Risk Factor: Medium / CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)

    How does one go about disabling SSL 2.0 and using SSL 3.0?
    If this is done will any other services be affected?

  2. thewebhosting

    thewebhosting Well-Known Member

    May 9, 2008
    Likes Received:
    Trophy Points:
    To enable SSL 3.0

    To enable SSL 3.0, you will have to manually edit apache configuration file /usr/local/apache/conf/httpd.conf and edit following code:

    <IfDefine SSL>
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice