Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Disable Weak RC4 Ciphers PCI Compliance Q2 of 2019

Discussion in 'Security' started by BubbaTrading, Jun 5, 2019.

  1. BubbaTrading

    BubbaTrading Member

    Joined:
    Jun 5, 2019
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hola, I am at my wits end with attempting to obtain compliance for a new PCI vulnerability flagged here in the second calendar quarter of 2019. Specifically this time around, our Payment Processor is demanding we disable "SSL/TLS use of Weak RC4 (Arcfour) Ciphers.

    However, I have added :!RC4 to every cipher string tweak entry point within WHM known to me:
    • Apache Configuration Config
    • cPanel Web Disk Config
    • cPanel Web Services Config
    • Exim Config
    • FTP Server Config
    • Mailserver Config

    However still the PCI Flag appears for ports 25, 26, 465, and 587 as still making use of RC4.

    Am I missing a cipher configuration location? Thank you.

    - Allison
     
    #1 BubbaTrading, Jun 5, 2019
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,466
    Likes Received:
    505
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @BubbaTrading

    Can you please open a ticket using the link in my signature, it sounds like you have covered all the bases but a look at the system may be warranted? Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelLauren, Jun 6, 2019
  3. BubbaTrading

    BubbaTrading Member

    Joined:
    Jun 5, 2019
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello, thank you for your reply. We were required to disable all ssh into the server to achieve PCI compliance. As such can a support ticket be created to require login to WHM GUI?
     
    #3 BubbaTrading, Jun 13, 2019
  4. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,466
    Likes Received:
    505
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelLauren, Jun 13, 2019
(You must log in or sign up to post here.)
Loading...
Similar Threads - Disable Weak Ciphers
  1. WaldoPepper

    How to disable FKA SMTP Tweak in DNSONLY

    WaldoPepper, Sep 16, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    1,174
    cPanelMichael
    Mar 21, 2018
  2. thanasis

    Disable CGI Error Logging

    thanasis, Jul 15, 2019 at 4:09 AM, in forum: General Discussion
    Replies:
    2
    Views:
    123
    thanasis
    Jul 16, 2019 at 2:58 PM
  3. yogiks

    The “tailwatchd” service is disabled

    yogiks, Jul 4, 2019, in forum: Workarounds and Optimization
    Replies:
    4
    Views:
    110
    cPanelLauren
    Jul 5, 2019
  4. Peter N

    STRICT MODE MySQL not disabled by default

    Peter N, Jun 10, 2019, in forum: Database Discussion
    Replies:
    1
    Views:
    227
    Infopro
    Jun 10, 2019
  5. Gareth-AWD

    See which users have mod_security disabled?

    Gareth-AWD, Jun 5, 2019, in forum: Security
    Replies:
    1
    Views:
    179
    cPanelLauren
    Jun 5, 2019

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice