The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to Disable Insecure Cyphers SSL

Discussion in 'Security' started by slinky, Dec 24, 2015.

  1. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    Running a test at Qualys resulted in seeing a number of insecure cyphers that prevented me from getting an acceptable "A" grade. Since WHM / CPanel has its own way of doing things, I preferred to get a more official response as to how to remove these Cyphers that most respected places shouldn't even be enabled in the first place.

    TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) ECDH secp256r1 (eq. 3072 bits RSA) FS INSECURE 128
    TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE 128
    TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE 128
    RC4 Yes INSECURE (more info)

    Thanks to all in advance and happy holidays!
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
  4. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    I'll be honest. I still haven't gotten it to work and that thread, over a year old, is a cluster of confusion with most not resolving anything about how to disable. This is clearly not a simple task. If I can find the solution Ill tray to post a guide.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It looks like the test you provided now shows an "A" rating. Could you verify if the issue is now resolved?

    Thank you.
     
  6. slinky

    slinky Well-Known Member

    Joined:
    Jul 26, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    After a massive amount of searching and experimenting, I'm assuming that what I stuck in there eventually worked given the rating. I'm still waiting to see if Analytics shows higher bounce rates or issues with older browsers. Hopefully it's good - thanks for double checking and responding.
     
Loading...

Share This Page