The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

McAfee Scan - Weak Cipher?

Discussion in 'General Discussion' started by P_W, Aug 31, 2008.

  1. P_W

    P_W Active Member

    Joined:
    Oct 7, 2003
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Hackersafe has been nagging me about weak SSL cyphers. I've already followed some advice here about disabling SSLv2, but it only seems to apply to the HTTP processes, not the IMAP/POPS ports. Anyone else have this problem and/or have a resolution? I'm stumped.

    Thanks!
     
  2. sureshm

    sureshm Registered

    Joined:
    Nov 5, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Add the cipher list and try restarting the services.

    IMAPS: /usr/lib/courier-imap/etc/imapd-ssl
    TLS_CIPHER_LIST="ALL:!SSLv2:!ADH:!NULL:!EXPORT:!DES:!LOW:mad:STRENGTH"

    POP3S:/usr/lib/courier-imap/etc/pop3d-ssl
    TLS_CIPHER_LIST="ALL:!SSLv2:!ADH:!NULL:!EXPORT:!DES:!LOW:mad:STRENGTH"

    EXIM: /etc/exim.conf
    tls_require_ciphers = ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:!SSLv2
     
Loading...

Share This Page